A essential safety vulnerability has been disclosed in AMI’s MegaRAC Baseboard Control Controller (BMC) device that would permit an attacker to circumvent authentication and perform post-exploitation movements.
The vulnerability, tracked as CVE-2024-54085, carries a CVSS v4 ranking of 10.0, indicating most severity.
“An area or far flung attacker can exploit the vulnerability via getting access to the far flung control interfaces (Redfish) or the inner host to the BMC interface (Redfish),” firmware safety corporate Eclypsium stated in a record shared with The Hacker Information.
“Exploitation of this vulnerability lets in an attacker to remotely regulate the compromised server, remotely deploy malware, ransomware, firmware tampering, bricking motherboard parts (BMC or probably BIOS/UEFI), possible server bodily injury (over-voltage / bricking), and indefinite reboot loops {that a} sufferer can’t forestall.”
The vulnerability can additional be weaponized to degree disruptive assaults, inflicting inclined units to repeatedly reboot via sending malicious instructions. This is able to then pave the best way for indefinite downtime till the units are re-provisioned.
CVE-2024-54085 is the most recent in an extended record of safety shortcomings which were exposed in AMI MegaRAC BMCs since December 2022. They have got been jointly tracked as BMC&C –
Eclypsium famous that CVE-2024-54085 is very similar to CVE-2023-34329 in that it lets in for an authentication bypass with a an identical affect. The vulnerability has been showed to have an effect on the under units –
- HPE Cray XD670
- Asus RS720A-E11-RS24U
- ASRockRack
AMI has launched patches to handle the flaw as of March 11, 2025. Whilst there is not any proof that the problem has been exploited within the wild, that you must that downstream customers replace their techniques as soon as OEM distributors incorporate those fixes and unencumber them to their shoppers.
“Notice that patching those vulnerabilities is a non-trivial workout, requiring tool downtime,” Eclypsium stated. “The vulnerability handiest impacts AMI’s BMC device stack. Alternatively, since AMI is on the best of the BIOS provide chain, the downstream affect impacts over a dozen producers.”