CVE-2026-33554

{"id": "CVE-2026-33554", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2026-03-24T15:16:35.743", "references": [{"url": "https://ftp.gnu.org/gnu/freeipmi/", "source": "cve@mitre.org"}, {"url": "https://savannah.gnu.org/bugs/?68140", "source": "cve@mitre.org"}, {"url": "https://savannah.gnu.org/bugs/?68141", "source": "cve@mitre.org"}, {"url": "https://savannah.gnu.org/bugs/?68142", "source": "cve@mitre.org"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system management. It is most commonly used for sensor reading (e.g., CPU temperatures through the ipmi-sensors command within FreeIPMI) and remote power control (the ipmipower command). The ipmi-oem client command implements a set of a IPMI OEM commands for specific hardware vendors. If a user has supported hardware, they may wish to use the ipmi-oem command to send a request to a server to retrieve specific information. Three subcommands were found to have exploitable buffer overflows on response messages. They are: \"ipmi-oem dell get-last-post-code - get the last POST code and string describing the error on some Dell servers,\" \"ipmi-oem supermicro extra-firmware-info - get extra firmware info on Supermicro servers,\" and \"ipmi-oem wistron read-proprietary-string - read a proprietary string on Wistron servers.\""}, {"lang": "es", "value": "ipmi-oem en FreeIPMI anterior a 1.16.17 tiene desbordamientos de b\u00fafer explotables en mensajes de respuesta. La especificaci\u00f3n de la Interfaz de Gesti\u00f3n de Plataforma Inteligente (IPMI) define un conjunto de interfaces para la gesti\u00f3n de plataformas. Es implementada por un gran n\u00famero de fabricantes de hardware para soportar la gesti\u00f3n del sistema. Se utiliza m\u00e1s com\u00fanmente para la lectura de sensores (por ejemplo, temperaturas de CPU a trav\u00e9s del comando ipmi-sensors dentro de FreeIPMI) y el control remoto de energ\u00eda (el comando ipmipower). El comando cliente ipmi-oem implementa un conjunto de comandos IPMI OEM para proveedores de hardware espec\u00edficos. Si un usuario tiene hardware compatible, puede desear usar el comando ipmi-oem para enviar una solicitud a un servidor para recuperar informaci\u00f3n espec\u00edfica. Se encontr\u00f3 que tres subcomandos ten\u00edan desbordamientos de b\u00fafer explotables en mensajes de respuesta. Son: 'ipmi-oem dell get-last-post-code - obtener el \u00faltimo c\u00f3digo POST y la cadena que describe el error en algunos servidores Dell,' 'ipmi-oem supermicro extra-firmware-info - obtener informaci\u00f3n extra de firmware en servidores Supermicro,' y 'ipmi-oem wistron read-proprietary-string - leer una cadena propietaria en servidores Wistron.'"}], "lastModified": "2026-04-27T19:18:46.690", "sourceIdentifier": "cve@mitre.org"}