HomeVulnerabilityNew Essential AMI BMC Vulnerability Permits Distant Server Takeover and Bricking

New Essential AMI BMC Vulnerability Permits Distant Server Takeover and Bricking

A important security vulnerability has been disclosed in AMI’s MegaRAC Baseboard Administration Controller (BMC) software program that might permit an attacker to bypass authentication and perform post-exploitation actions.

The vulnerability, tracked as CVE-2024-54085, carries a CVSS v4 rating of 10.0, indicating most severity.

“An area or distant attacker can exploit the vulnerability by accessing the distant administration interfaces (Redfish) or the inner host to the BMC interface (Redfish),” firmware security firm Eclypsium stated in a report shared with The Hacker Information.

“Exploitation of this vulnerability permits an attacker to remotely management the compromised server, remotely deploy malware, ransomware, firmware tampering, bricking motherboard elements (BMC or doubtlessly BIOS/UEFI), potential server bodily harm (over-voltage / bricking), and indefinite reboot loops {that a} sufferer can’t cease.”

The vulnerability can additional be weaponized to stage disruptive assaults, inflicting prone gadgets to repeatedly reboot by sending malicious instructions. This might then pave the way in which for indefinite downtime till the gadgets are re-provisioned.

Cybersecurity

CVE-2024-54085 is the most recent in an extended record of security shortcomings which have been uncovered in AMI MegaRAC BMCs since December 2022. They’ve been collectively tracked as BMC&C –

Eclypsium famous that CVE-2024-54085 is much like CVE-2023-34329 in that it permits for an authentication bypass with an identical impression. The vulnerability has been confirmed to have an effect on the under gadgets –

  • HPE Cray XD670
  • Asus RS720A-E11-RS24U
  • ASRockRack
See also  Ease the Burden with AI-Pushed Menace Intelligence Reporting

AMI has launched patches to deal with the flaw as of March 11, 2025. Whereas there is no such thing as a proof that the problem has been exploited within the wild, it is important that downstream customers replace their techniques as soon as OEM distributors incorporate these fixes and launch them to their prospects.

“Word that patching these vulnerabilities is a non-trivial train, requiring system downtime,” Eclypsium stated. “The vulnerability solely impacts AMI’s BMC software program stack. Nevertheless, since AMI is on the prime of the BIOS provide chain, the downstream impression impacts over a dozen producers.”

- Advertisment -spot_img
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular