CIO News Hubb

New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of Manufacturers

by admin | December 5, 2022 | in Information Security

Dec 05, 2022 | Ravie Lakshmanan | Server Security / Cloud Technology

Three different security flaws have been disclosed in American Megatrends (AMI) MegaRAC Baseboard Management Controller (BMC) software that could lead to remote code execution on vulnerable servers.

“The impact of exploiting these vulnerabilities include remote control of compromised servers, remote deployment of malware, ransomware and firmware implants, and server physical damage (bricking),” firmware and hardware security company Eclypsium said in a report shared with The Hacker News.

BMCs are privileged independent systems within servers that are used to control low-level hardware settings and manage the host operating system, even in scenarios when the machine is powered off.

These capabilities make BMCs an enticing target for threat actors looking to plant persistent malware on devices that can survive operating system reinstalls and hard drive replacements.

Collectively called BMC&C, the newly identified issues can be exploited by attackers having access to remote management interfaces (IPMI) such as Redfish, potentially enabling adversaries to gain control of the systems and put cloud infrastructures at risk.

The most severe among the issues is CVE-2022-40259 (CVSS score: 9.9), a case of arbitrary code execution via the Redfish API that requires the attacker to already have a minimum level of access on the device (Callback privileges or higher).

CVE-2022-40242 (CVSS score: 8.3) relates to a hash for a sysadmin user that can be cracked and abused to gain administrative shell access, while CVE-2022-2827 (CVSS score: 7.5) is a bug in the password reset feature that can be exploited to determine if an account with a specific username exists.

“[CVE-2022-2827] allows for pinpointing pre-existing users and does not lead into a shell but would provide an attacker a list of targets for brute-force or credential stuffing attacks,” the researchers explained.

The findings once again underscore the importance of securing the firmware supply chain and ensuring that BMC systems are not directly exposed to the internet.

“As data centers tend to standardize on specific hardware platforms, any BMC-level vulnerability would most likely apply to large numbers of devices and could potentially affect an entire data center and the services that it delivers,” the company said.

The findings come as Binarly disclosed multiple high-impact vulnerabilities in AMI-based devices that could result in memory corruption and arbitrary code execution during early boot phases (i.e., a pre-EFI environment).

Earlier this May, Eclypsium also uncovered what’s called a “Pantsdown” BMC flaw impacting Quanta Cloud Technology (QCT) servers, a successful exploitation of which could grant attackers full control over the devices.
