Threat actors were confirmed by the Cybersecurity and Infrastructure Security Agency to have been targeting AMC MegaRAC Baseboard Management Controller software instances impacted by the maximum severity authentication bypass flaw, tracked as CVE-2024-54085, BleepingComputer reports.
Federal agencies have been urged to remediate the issue within the firmware, which is used by HP Enterprise, ASUS, ASRock, and other vendors for remote system management, by July 16 following its inclusion in CISA's Known Exploited Vulnerabilities catalog. Over 1,000 internet-exposed servers were discovered by Eclypsium in March to have been affected by the flaw, which could be leveraged to facilitate remote takeovers and malware delivery, firmware tampering, physical damage to servers, and bootloops. "To our knowledge, the vulnerability only affects AMI's BMC software stack. However, since AMI is at the top of the BIOS supply chain, the downstream impact affects over a dozen manufacturers," said Eclypsium.
Federal agencies have been urged to remediate the issue within the firmware, which is used by HP Enterprise, ASUS, ASRock, and other vendors for remote system management, by July 16 following its inclusion in CISA's Known Exploited Vulnerabilities catalog. Over 1,000 internet-exposed servers were discovered by Eclypsium in March to have been affected by the flaw, which could be leveraged to facilitate remote takeovers and malware delivery, firmware tampering, physical damage to servers, and bootloops. "To our knowledge, the vulnerability only affects AMI's BMC software stack. However, since AMI is at the top of the BIOS supply chain, the downstream impact affects over a dozen manufacturers," said Eclypsium.




