PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-3820 Supermicro CVE debrief

A command injection vulnerability exists in the Supermicro Baseboard Management Controller (BMC) SMTP service on the AS-2115HS-TNR platform. An attacker with administrator privileges can inject specially crafted characters into the SMTP service configuration, causing unintended command execution during process invocation. The vulnerability is classified as CWE-78 (OS Command Injection) with a CVSS 3.1 score of 7.2 (HIGH). Potential impacts include denial-of-service, arbitrary code execution, or permanent compromise of the BMC. The CVE was published on June 4, 2026 and is currently in 'Awaiting Analysis' status per NVD. Supermicro has published a security advisory for BMC/IPMI vulnerabilities.

Vendor
Supermicro
Product
Baseboard Management Controller (BMC)
CVSS
HIGH 7.2
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-04
Original CVE updated
2026-06-04
Advisory published
2026-06-04
Advisory updated
2026-06-04

Who should care

Organizations operating Supermicro AS-2115HS-TNR servers with BMC/IPMI enabled; security teams responsible for out-of-band management infrastructure; data center operators relying on BMC for remote server administration

Technical summary

The vulnerability resides in the SMTP service configuration handling within Supermicro's BMC firmware for the AS-2115HS-TNR server platform. Insufficient input validation allows an attacker with administrative access to inject shell metacharacters or command separators into SMTP configuration parameters. When the BMC subsequently invokes processes using these configuration values, the injected commands execute in the underlying operating system context. The CVSS 3.1 vector (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) indicates that while the attack complexity is low and the attack vector is network-accessible, high privileges are required—limiting exposure to compromised or malicious administrator accounts. The confidentiality, integrity, and availability impacts are all rated HIGH.

Defensive priority

HIGH

Recommended defensive actions

  • Restrict administrative access to BMC interfaces to trusted networks and authorized personnel only
  • Monitor BMC SMTP configuration changes for unauthorized modifications
  • Apply firmware updates from Supermicro when available per vendor security advisory
  • Segment BMC management networks from production and untrusted networks
  • Review BMC audit logs for indicators of unauthorized administrative access or SMTP configuration changes

Evidence notes

CVE description states attacker 'may obtain administrator privileges and inject specially crafted characters into the SMTP service configuration' causing 'unintended commands during process invocation.' CVSS vector AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H confirms network attack vector with high privileges required. NVD vulnStatus is 'Awaiting Analysis.' Weakness source indicates CWE-78. Vendor attribution to Supermicro derived from reference domain candidate with low confidence; needs review.

Official resources

2026-06-04