During this research, Binarly discovered a second vulnerability, CVE-2025-6198, relating to Supermicro’s X13SEM-F motherboard firmware, also rated as high severity with a CVSS score of 7.2.
While CVE-2025-7937 or CVE-2025-6198 would pose major security risks in the event attackers were able to exploit them, the caveat is that to do so the attackers would need to have established admin access to the systems to interact with the firmware.
That might make exploitation sound like a long shot — neither can be exploited remotely — but as countless real-world attacks show, rogue admin access and privilege elevation can be gained in a separate, indirect attack.
Incomplete fix
CVE-2025-7937 and CVE-2025-6198 uncovered different issues with Supermicro’s validation logic, the checking process that’s supposed to stop legitimate firmware being replaced with malicious code.
Binarly said that the January flaw, CVE-2024-10237, made it possible to fool the validation process by adding illicit entries to the firmware map table (fwmap) so that the rogue firmware matched the cryptographically signed value.
Supermicro adjusted the validation checks to detect this, but through CVE-2025-7937, Binarly researchers were able to re-target the modified validation checking.
