wikiSupermicro security update for AMI-SA-2025003, April 2025
In April 2025, Supermicro published a security bulletin on AMI-SA-2025003. A safety gap has been found in AptioV (CVE-2024-54084) that also concerns some BIOS producers. An attacker could cause a time-of-check time-of-use (TOCTOU) Race Condition, which enables to execute the harmful code. [1]
Troubleshooting
Here is a table listing the corresponding mainboards and required BIOS versions to close the gap:
| Mainboard | BIOS Version |
|---|---|
| H13 – H13SAE | 2.3 |
| H13 – H13SRD | 1.5 |
| H13 –H13SRE-F | 2.3 |
Updates for products of Thomas-Krenn
Updates for the corresponding system can be found in the download area of Thomas-Krenn. The updates in the download area have been tested by us to guarantee the stability and compatibility of our systems.
If you need the latest version for your system and it is not yet available in our download area, you can get it at Supermicro.
More information
- Security Audit Reported Vulnerabilities ID - AMI-SA-2025003 (PDF, go.ami.com, 13.03.2025)
- CVE-2024-54084 Detail (nvd.nist.gov, 11.03.2025)
References
- ↑ AMI Security Advisory AMI-SA-2025003, March 2025 (www.supermicro.com/en/support/security_center, April 2025)
Related articles
Intel S2600GZ4 Motherboard
Supermicro H8DG6-F Motherboard
Supermicro X7SPA-HF and X7SPE-HF Motherboard
