A critical security vulnerability has been disclosed in AMI’s MegaRAC Baseboard Management Controller (BMC) software, allowing attackers to bypass authentication and carry out post-exploitation actions. Tracked as CVE-2024-54085, this vulnerability has a maximum severity score of 10.0 on the CVSS v4 scale. Firmware security company Eclypsium reported that attackers can exploit this vulnerability by accessing remote management interfaces or the internal host to the BMC interface.
Exploitation of CVE-2024-54085 could enable attackers to remotely control compromised servers, deploy malware, tamper with firmware, brick motherboard components, and cause physical damage to servers. The vulnerability can also be weaponized to trigger disruptive attacks that continually reboot susceptible devices, leading to indefinite downtime. This latest vulnerability is part of a series of security shortcomings found in AMI MegaRAC BMCs since December 2022.
Affected devices include HPE Cray XD670, Asus RS720A-E11-RS24U, and ASRockRack. AMI has released patches to address the flaw as of March 11, 2025. While there is no evidence of exploitation in the wild, downstream users are urged to update their systems once OEM vendors incorporate the fixes. Patching these vulnerabilities is crucial, as Eclypsium emphasized the downstream impact on over a dozen manufacturers due to AMI’s position at the top of the BIOS supply chain.
To stay updated on cybersecurity news and exclusive content, follow The Hacker News on Twitter and LinkedIn. It is essential for organizations to remain vigilant and proactive in addressing security vulnerabilities to protect their systems and data from potential threats.
Source link