On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the same socket file descriptor number. In opportunistic circumstances, an attacker can simply connect to the virtual media service, and then connect virtual USB devices to the server managed by the BMC.
総合評価: CVE-2019-16650 は高リスク(69.4/100)。CVSS 深刻度は重大。悪用される可能性が高い(EPSS 2.16%、80 パーセンタイル) 根拠: 直近 1 日で EPSS が +1.51% 上昇。悪用への関心が高まっている可能性があります。 推奨対応: 悪用可能性が高いため、影響範囲の確認と修補の優先付けを推奨します。
リスクは変動します。再評価に基づき、本ページの表示内容を更新しています。
EPSS は日次で悪用されやすさの相対度合いを推定します。パーセンタイルは採点済み CVE の中での相対位置(高いほど相対的に深刻)を示します。
| # | 日付 | 旧 EPSS スコア | 新 EPSS スコア | Δ(新 − 旧) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.65% | 2.16% | +1.51% |
| 2 | 2025-11-21 | 0.77% | 0.65% | -0.11% |
| 3 | 2025-11-18 | — | 0.77% | — |
EPSS の全履歴 (全 15 件)
この CVE の CVSS 指標。
| ベーススコア | バージョン | 深刻度 | ベクトル | 悪用しやすさ | 影響 | スコアの出典 |
|---|---|---|---|---|---|---|
| 10.0 | 3.1 | CRITICAL |
|
3.9 | 6.0 | [email protected] |
| 7.5 | 2.0 | HIGH |
|
10.0 | 6.4 | [email protected] |
| ベンダー | 製品 | バージョン | 生の CPE |
|---|---|---|---|
| supermicro | x11dai-n_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dai-n_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dac_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dac_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dph-tq_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dph-tq_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dph-i_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dph-i_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dph-t_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dph-t_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dps-re_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dps-re_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dsf-e_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dsf-e_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dsn-ts_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dsn-ts_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dsn-tsq_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dsn-tsq_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dsc\+_firmware | 1.74 | cpe:2.3:o:supermicro:x11dsc\+_firmware:1.74:*:*:*:*:*:*:* |
| supermicro | x11ddw-nt_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11ddw-nt_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11ddw-l_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11ddw-l_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dgq_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dgq_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpff-sn_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpff-sn_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpfr-sn_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpfr-sn_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpfr-s_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpfr-s_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpt-ps_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpt-ps_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpt-b_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpt-b_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpt-bh_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpt-bh_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpt-l_firmware | 3.74 | cpe:2.3:o:supermicro:x11dpt-l_firmware:3.74:*:*:*:*:*:*:* |
| supermicro | x11dpu_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpu_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpu-v_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpu-v_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpu-x_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpu-x_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpu-xll_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpu-xll_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpu-z\+_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpu-z\+_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpu-ze\+_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpu-ze\+_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpg-sn_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpg-sn_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpg-qt_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpg-qt_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpg-ot-cpu_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpg-ot-cpu_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpi-nt_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpi-nt_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpi-n_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpi-n_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpl-i_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpl-i_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dpx-t_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dpx-t_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11dgo-t_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11dgo-t_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11sca_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11sca_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11sca-f_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11sca-f_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11sch-f_firmware | 1.23.2 | cpe:2.3:o:supermicro:x11sch-f_firmware:1.23.2:*:*:*:*:*:*:* |
| supermicro | x11sch-ln4f_firmware | 1.23.2 | cpe:2.3:o:supermicro:x11sch-ln4f_firmware:1.23.2:*:*:*:*:*:*:* |
| supermicro | x11sca-w_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11sca-w_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11scl-f_firmware | 1.23.2 | cpe:2.3:o:supermicro:x11scl-f_firmware:1.23.2:*:*:*:*:*:*:* |
| supermicro | x11scl-ln4f_firmware | 1.23.2 | cpe:2.3:o:supermicro:x11scl-ln4f_firmware:1.23.2:*:*:*:*:*:*:* |
| supermicro | x11scl-if_firmware | 1.23.2 | cpe:2.3:o:supermicro:x11scl-if_firmware:1.23.2:*:*:*:*:*:*:* |
| supermicro | x11scm-f_firmware | 1.23.2 | cpe:2.3:o:supermicro:x11scm-f_firmware:1.23.2:*:*:*:*:*:*:* |
| supermicro | x11scm-ln8f_firmware | 1.23.2 | cpe:2.3:o:supermicro:x11scm-ln8f_firmware:1.23.2:*:*:*:*:*:*:* |
| supermicro | x11scw-f_firmware | 3.75.00 | cpe:2.3:o:supermicro:x11scw-f_firmware:3.75.00:*:*:*:*:*:*:* |
| supermicro | x11spa-t_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11spa-t_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11spa-tf_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11spa-tf_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11spi-tf_firmware | 1.71.6 | cpe:2.3:o:supermicro:x11spi-tf_firmware:1.71.6:*:*:*:*:*:*:* |
| supermicro | x11spl-f_firmware | 1.71.6 | cpe:2.3:o:supermicro:x11spl-f_firmware:1.71.6:*:*:*:*:*:*:* |
| supermicro | x11spm-f_firmware | 1.71.6 | cpe:2.3:o:supermicro:x11spm-f_firmware:1.71.6:*:*:*:*:*:*:* |
| supermicro | x11spm-tf_firmware | 1.71.6 | cpe:2.3:o:supermicro:x11spm-tf_firmware:1.71.6:*:*:*:*:*:*:* |
| supermicro | x11spm-tpf_firmware | 1.71.6 | cpe:2.3:o:supermicro:x11spm-tpf_firmware:1.71.6:*:*:*:*:*:*:* |
| supermicro | x11sph-nctf_firmware | 1.71.6 | cpe:2.3:o:supermicro:x11sph-nctf_firmware:1.71.6:*:*:*:*:*:*:* |
| supermicro | x11sph-nctpf_firmware | 1.71.6 | cpe:2.3:o:supermicro:x11sph-nctpf_firmware:1.71.6:*:*:*:*:*:*:* |
| supermicro | x11spw-tf_firmware | 1.71.6 | cpe:2.3:o:supermicro:x11spw-tf_firmware:1.71.6:*:*:*:*:*:*:* |
| supermicro | x11spw-ctf_firmware | 1.71.6 | cpe:2.3:o:supermicro:x11spw-ctf_firmware:1.71.6:*:*:*:*:*:*:* |
| supermicro | x11spg-tf_firmware | 1.71.6 | cpe:2.3:o:supermicro:x11spg-tf_firmware:1.71.6:*:*:*:*:*:*:* |
| supermicro | x11sri-if_firmware | 3.75.00 | cpe:2.3:o:supermicro:x11sri-if_firmware:3.75.00:*:*:*:*:*:*:* |
| supermicro | x11srl-f_firmware | 3.74.2 | cpe:2.3:o:supermicro:x11srl-f_firmware:3.74.2:*:*:*:*:*:*:* |
| supermicro | x11srm-f_firmware | 1.31.1 | cpe:2.3:o:supermicro:x11srm-f_firmware:1.31.1:*:*:*:*:*:*:* |
| supermicro | x11srm-vf_firmware | 1.31.1 | cpe:2.3:o:supermicro:x11srm-vf_firmware:1.31.1:*:*:*:*:*:*:* |
| supermicro | x11ssl-f_firmware | 1.56 | cpe:2.3:o:supermicro:x11ssl-f_firmware:1.56:*:*:*:*:*:*:* |
| supermicro | x11ssm-f_firmware | 1.56 | cpe:2.3:o:supermicro:x11ssm-f_firmware:1.56:*:*:*:*:*:*:* |
| supermicro | x11ssl_firmware | 1.56 | cpe:2.3:o:supermicro:x11ssl_firmware:1.56:*:*:*:*:*:*:* |
| supermicro | x11ssm_firmware | 1.56 | cpe:2.3:o:supermicro:x11ssm_firmware:1.56:*:*:*:*:*:*:* |
| supermicro | x11ssh-f_firmware | 1.56 | cpe:2.3:o:supermicro:x11ssh-f_firmware:1.56:*:*:*:*:*:*:* |
| supermicro | x11ssh-ln4f_firmware | 1.56 | cpe:2.3:o:supermicro:x11ssh-ln4f_firmware:1.56:*:*:*:*:*:*:* |
| supermicro | x11ssw-4tf_firmware | 1.56 | cpe:2.3:o:supermicro:x11ssw-4tf_firmware:1.56:*:*:*:*:*:*:* |
| supermicro | x11ssw-tf_firmware | 1.56 | cpe:2.3:o:supermicro:x11ssw-tf_firmware:1.56:*:*:*:*:*:*:* |
| supermicro | x11ssw-f_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11ssw-f_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11ssi-ln4f_firmware | 1.71.5 | cpe:2.3:o:supermicro:x11ssi-ln4f_firmware:1.71.5:*:*:*:*:*:*:* |
| supermicro | x11ssw-f_firmware | 3.85.00 | cpe:2.3:o:supermicro:x11ssw-f_firmware:3.85.00:*:*:*:*:*:*:* |
| supermicro | x11ssh-tf_firmware | 1.56 | cpe:2.3:o:supermicro:x11ssh-tf_firmware:1.56:*:*:*:*:*:*:* |
| supermicro | x11ssh-ctf_firmware | 1.56 | cpe:2.3:o:supermicro:x11ssh-ctf_firmware:1.56:*:*:*:*:*:*:* |
| supermicro | x11ssl-cf_firmware | 1.56 | cpe:2.3:o:supermicro:x11ssl-cf_firmware:1.56:*:*:*:*:*:*:* |
| supermicro | x11ssl-nf_firmware | 1.56 | cpe:2.3:o:supermicro:x11ssl-nf_firmware:1.56:*:*:*:*:*:*:* |
| supermicro | x11ssh-gf-1585_firmware | 1.56 | cpe:2.3:o:supermicro:x11ssh-gf-1585_firmware:1.56:*:*:*:*:*:*:* |
| supermicro | x11ssh-gf-1585l_firmware | 1.56 | cpe:2.3:o:supermicro:x11ssh-gf-1585l_firmware:1.56:*:*:*:*:*:*:* |
| supermicro | x11ssh-gtf-1585_firmware | 1.56 | cpe:2.3:o:supermicro:x11ssh-gtf-1585_firmware:1.56:*:*:*:*:*:*:* |
| supermicro | x11ssh-gtf-1585l_firmware | 1.56 | cpe:2.3:o:supermicro:x11ssh-gtf-1585l_firmware:1.56:*:*:*:*:*:*:* |
| URL | タグ |
|---|---|
| https://eclypsium.com/2019/09/03/usbanywhere-bmc-vulnerability-opens-servers-to-remote-attack/ | Mitigation Third Party Advisory |
| https://github.com/eclypsium/USBAnywhere | Third Party Advisory |
| https://www.supermicro.com/support/security_BMC_virtual_media.cfm | Vendor Advisory |