Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Supermicro security patch release for CVE-2025-7937

Security Patch Release
First reported
Last updated
Happening score
H score 19
1 unique sources, 1 articles

Summary

Hide ▲

Supermicro released firmware fixes for impacted BMC hardware models, reducing the risk that attackers could load malicious firmware and keep persistent control of servers. The update addresses the CVE-2025-7937 thread tied to a bypass path in BMC firmware verification.

Related Happenings

Cisco security patch release for CVE-2026-20182

Security Patch Release
First: 14.05.2026 20:45 Last: 14.05.2026 20:45 Sources 1

About this happening: Cisco released **updates** for **CVE-2026-20182**, a **maximum-severity authentication bypass** in **Catalyst SD-WAN Controller/Manager**, after the flaw was **exploited in limite...

Open Happening

Linux kernel security update for Copy Fail (CVE-2026-31431)

Security Patch Release
First: 30.04.2026 16:54 Last: 30.04.2026 16:54 Sources 1

About this happening: **Linux kernel** maintainers have fixed **CVE-2026-31431** and are rolling out updates to close a **local privilege escalation** flaw that lets an unprivileged attacker gain **roo...

Open Happening

GIGABYTE security patch release for CVE-2026-4415

Security Patch Release
First: 01.04.2026 01:28 Last: 01.04.2026 01:28 Sources 1

About this happening: **GIGABYTE** is directing users of **Control Center** to upgrade to **25.12.10.01** to mitigate **CVE-2026-4415**, a flaw that exposed systems to remote file writes. The update ma...

Open Happening

TP-Link security patch release for CVE-2025-15517

Security Patch Release
First: 25.03.2026 13:11 Last: 25.03.2026 13:11 Sources 1

About this happening: **TP-Link** released **security updates** for its **Archer NX** router series to close a critical authentication-bypass flaw that could let attackers upload firmware without loggi...

Open Happening

Google security patch release for CVE-2026-21385

Security Patch Release
First: 03.03.2026 10:19 Last: 03.03.2026 10:19 Sources 1

About this happening: Google released **Android** security updates covering **129 vulnerabilities**, including an **actively exploited zero-day** in a **Qualcomm display component**, creating urgent ri...

Open Happening

Timeline

  1. 24.09.2025 23:13 2 articles · 8mo ago

    Supermicro BMC firmware flaws and fixes

    Mitigation Patch Update

    Binarly identified a bypass for CVE-2024-10237 and a second flaw in the OP-TEE auth_bmc_sig path of X13SEM-F motherboard firmware, tracked as CVE-2025-6198 and confirmed by Supermicro as CVE-2025-7937, showing that maliciously crafted images and malicious fwmap manipulation can let attackers load unofficial firmware, bypass the BMC RoT, and gain persistent control of the BMC system and main server OS; Supermicro released firmware fixes for impacted models.

    Show sources
    Open in new tab