New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking

Mar 18, 2025 | Ravie Lakshmanan | Vulnerability / Firmware Security

A critical security vulnerability has been disclosed in AMI’s MegaRAC Baseboard Management Controller (BMC) software that could allow an attacker to bypass authentication and carry out post-exploitation actions.

The vulnerability, tracked as CVE-2024-54085, carries a CVSS v4 score of 10.0, indicating maximum severity.

“A local or remote attacker can exploit the vulnerability by accessing the remote management interfaces (Redfish) or the internal host to the BMC interface (Redfish),” firmware security company Eclypsium said in a report shared with The Hacker News.

“Exploitation of this vulnerability allows an attacker to remotely control the compromised server, remotely deploy malware, ransomware, firmware tampering, bricking motherboard components (BMC or potentially BIOS/UEFI), potential server physical damage (over-voltage / bricking), and indefinite reboot loops that a victim cannot stop.”

The vulnerability can further be weaponized to stage disruptive attacks, causing susceptible devices to continually reboot by sending malicious commands. This could then pave the way for indefinite downtime until the devices are re-provisioned.

CVE-2024-54085 is the latest in a long list of security shortcomings that have been uncovered in AMI MegaRAC BMCs since December 2022. They have been collectively tracked as BMC&C –

Eclypsium noted that CVE-2024-54085 is similar to CVE-2023-34329 in that it allows for an authentication bypass with a similar impact. The vulnerability has been confirmed to affect the below devices –

  • HPE Cray XD670
  • Asus RS720A-E11-RS24U
  • ASRockRack

AMI has released patches to address the flaw as of March 11, 2025. While there is no evidence that the issue has been exploited in the wild, it is essential that downstream users update their systems once OEM vendors incorporate these fixes and release them to their customers.

“Note that patching these vulnerabilities is a non-trivial exercise, requiring machine downtime,” Eclypsium said. “The vulnerability only affects AMI’s BMC software stack. However, since AMI is at the top of the BIOS supply chain, the downstream impact affects over a dozen manufacturers.”
