ASUS BMC firmware Web yönetim ara yüzünde Buffer Overflow başta olmak üzere bazı zafiyetler tespit edilmiştir.
Mevcut açıklığı kullanan saldırganların web servisini sonlandırmaları ihtimal dahilindedir. Bahsi geçen zafiyetlerin CVE kodları şu şekildedir:
CVE-2021-28179, CVE-2021-28180, CVE-2021-28181, CVE-2021-28182, CVE-2021-28183, CVE-2021-28184, CVE-2021-28185, CVE-2021-28186, CVE-2021-28187, CVE-2021-28188, CVE-2021-28189, CVE-2021-28190, CVE-2021-28191, CVE-2021-28192, CVE-2021-28193, CVE-2021-28194, CVE-2021-28195, CVE-2021-28196, CVE-2021-28197, CVE-2021-28198, CVE-2021-28199, CVE-2021-28200, CVE-2021-28201, CVE-2021-28202, CVE-2021-28203, CVE-2021-28204, CVE-2021-28205, CVE-2021-28206, CVE-2021-28207, CVE-2021-28208 ve CVE-2021-28209
Ulusal Siber Olaylara Müdahale Merkezi (USOM), kullanıcı ve sistem yöneticilerine yüksek önem derecesindeki zafiyetler için ASUS tarafından yayınlanan güvenlik önerilerini incelemelerini tavsiye etmektedir.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28179
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28180
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28181
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28182
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28183
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28184
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28185
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28186
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28187
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28188
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28179
2021-04-07