Multiple Vulnerabilities in IPMI for SN6100 appliances

Advisory ID CVE Number Date discovered Severity Advisory revision
STORM-2023-033 CVE-2021-26727 , CVE-2021-26728 , CVE-2021-26729 , CVE-2021-26730 , CVE-2021-26731 , CVE-2021-26732 , CVE-2021-26733 , CVE-2021-44776 , CVE-2021-44467 06/12/2023 low v1

Vulnerability details

The Intelligent Platform Management Interface (IPMI) is a set of computer interface specifications for an autonomous computer subsystem that provides management and monitoring capabilities independently of the host system’s CPU, firmware (BIOS or UEFI) and operating system. The IPMI firmware version embedded in SN6100 has to be updated in order to solve security issues.

Impacted products

ProductsSeverityDetail
Stormshield Network Security low SN6100 appliances produced before jan. 2024 ship a vulnerable IPMI

Revisions

Version Date Description
v1 03/27/2025 Initial release

 



Stormshield Network Security

CVSS v3.1 Overall Score: 3.1      

Analysis

Impacted version

The vulnerabilities identified here are of the following types:
– Incorrect neutralization of special elements used in a command (‘Command Injection’)
– Out-of-bounds writing
– Incorrect control of code generation (‘Code Injection’)
– Stack-based buffer overflow

By default, SN6100 is not impacted as the default BIOS configuration applied to SNS products does not offer the possibility of exploiting these various vulnerabilities. Only SN6100 appliances with IPMI revision <1.86 enabled are vulnerable.

It’s possible to check the IPMI firmware revision on SN6100 appliances using the following command in SNS shell:
> ipmitool mc info

Only IPMI firmware lower than 1.86 is impacted by these vulnerabilities.

Technical notes about the IPMI firmware update are available on the Stormshield documentation website.

To enforce Stormshield products security, we recommend to follow the RECOMMENDATIONS FOR THE SECURE CONFIGURATION OF AN SNS FIREWALL.
  • SN6100 IPMI firmware lower than 1.86

Workaround solution

Solution

If enabled, disabling IPMI in the product’s BIOS settings can effectively prevent exploitation of this vulnerability.

The 1.86 IPMI update available on the Stormshield website (in TOOLS section) will fix these vulnerabilities.



Attack Vector Attack Complexity Privileges Required User Interaction Scope Confidentiality Impact Integrity Impact Availability impact
Network High None Required Unchanged None None High
CVSS Base score: 5.3 CVSS Vector: (AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H)
Exploit Code Maturity Remediation Level Report Confidence
Unproven that exploit exists Official fix Confirmed
CVSS Temporal score: 4.6 CVSS Vector: (AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Confidentiality Requirement Integrity Requirement Availability Requirement
Low Low Low
CVSS Environmental score: 3.1 CVSS Vector: (AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C/CR:L/IR:L/AR:L/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:X/MI:X/MA:X)