CIO News Hubb
Advertisement
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
CIO News Hubb
No Result
View All Result
Home Information Security

New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of Manufacturers

admin by admin
December 5, 2022
in Information Security


Dec 05, 2022Ravie LakshmananServer Security / Cloud Technology

Three different security flaws have been disclosed in American Megatrends (AMI) MegaRAC Baseboard Management Controller (BMC) software that could lead to remote code execution on vulnerable servers.

“The impact of exploiting these vulnerabilities include remote control of compromised servers, remote deployment of malware, ransomware and firmware implants, and server physical damage (bricking),” firmware and hardware security company Eclypsium said in a report shared with The Hacker News.

BMCs are privileged independent systems within servers that are used to control low-level hardware settings and manage the host operating system, even in scenarios when the machine is powered off.

These capabilities make BMCs an enticing target for threat actors looking to plant persistent malware on devices that can survive operating system reinstalls and hard drive replacements.

CyberSecurity

Collectively called BMC&C, the newly identified issues can be exploited by attackers having access to remote management interfaces (IPMI) such as Redfish, potentially enabling adversaries to gain control of the systems and put cloud infrastructures at risk.

The most severe among the issues is CVE-2022-40259 (CVSS score: 9.9), a case of arbitrary code execution via the Redfish API that requires the attacker to already have a minimum level of access on the device (Callback privileges or higher).

CVE-2022-40242 (CVSS score: 8.3) relates to a hash for a sysadmin user that can be cracked and abused to gain administrative shell access, while CVE-2022-2827 (CVSS score: 7.5) is a bug in the password reset feature that can be exploited to determine if an account with a specific username exists.

“[CVE-2022-2827] allows for pinpointing pre-existing users and does not lead into a shell but would provide an attacker a list of targets for brute-force or credential stuffing attacks,” the researchers explained.

The findings once again underscore the importance of securing the firmware supply chain and ensuring that BMC systems are not directly exposed to the internet.

“As data centers tend to standardize on specific hardware platforms, any BMC-level vulnerability would most likely apply to large numbers of devices and could potentially affect an entire data center and the services that it delivers,” the company said.

The findings come as Binarly disclosed multiple high-impact vulnerabilities in AMI-based devices that could result in memory corruption and arbitrary code execution during early boot phases (i.e., a pre-EFI environment).

Earlier this May, Eclypsium also uncovered what’s called a “Pantsdown” BMC flaw impacting Quanta Cloud Technology (QCT) servers, a successful exploitation of which could grant attackers full control over the devices.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
Previous Post

How to investigate and take action on security issues in Amazon EKS clusters with Amazon Detective – Part 2

Next Post

Innovativelogic ~ Future of CIO

Related Posts

Information Security

New Russian-Backed Gamaredon’s Spyware Variants Targeting Ukrainian Authorities

by admin
February 2, 2023
Information Security

AWS achieves ISO 20000-1:2018 certification for 109 services

by admin
February 2, 2023
Information Security

Everything you need to know

by admin
February 2, 2023
Information Security

Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility

by admin
February 1, 2023
Information Security

How to set up ongoing replication from your third-party secrets manager to AWS Secrets Manager

by admin
February 1, 2023
Next Post

Innovativelogic ~ Future of CIO

Recommended

Initiatetogoapproach

February 2, 2023

New Russian-Backed Gamaredon’s Spyware Variants Targeting Ukrainian Authorities

February 2, 2023

AWS achieves ISO 20000-1:2018 certification for 109 services

February 2, 2023

Everything you need to know

February 2, 2023

Influentialleadership ~ Future of CIO

February 1, 2023

Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility

February 1, 2023

© 2022 CIO News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

Newsletter Sign Up

No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

© 2022 CIO News Hubb All rights reserved.