Researchers at cybersecurity firm Eclypsium have discovered two new critical vulnerabilities in MegaRAC Baseboard Management Controller (BMC) software manufactured by American Megatrends International (AMI). Through these vulnerabilities, hackers can remotely access millions of computers and also remotely lock devices.Millions of systems at risk
BMCs help facilitate the management of fleets of servers, computers or other hardware devices, large or small, by allowing system administrators to remotely monitor and control servers even when they are turned off. Given the extensive control that BMCs give to sysadmins, any vulnerability in software can be considered bad news. The bad news could get even worse when we consider that BMC firmware is found on millions of devices from major vendors such as Ampere, Asrock, Asus, Arm, Dell, Gigabyte, HPE, Huawei, Inspur, Lenovo, Nvidia, Qualcomm, Quanta and Tyan.
The newly discovered vulnerabilities in BMC firmware were coded as CVE-2023-34329 and CVE-2023-34330. The first is a critical authentication issue that can be exploited by forging HTTP headers, while the second is a code injection bug. The vulnerabilities were discovered by analyzing the leaked AMI source code from the 2021 Gigabyte data breach. 112 GB of confidential data was stolen by the RansomEXX group.
According to Eclypsium’s blog post, the new vulnerabilities pose a critical threat to affected servers and other devices. Because hackers can exploit these vulnerabilities to do almost anything remotely, including installing or uninstalling any software. The researchers say they are not aware that either vulnerabilities have been exploited, but it is possible for hackers to successfully target the affected systems.
36427
