Vulnerability Management, Critical Infrastructure Security, Patch/Configuration Management

Attacks leveraging maximum severity AMI MegaRAC vulnerability underway

(Adobe Stock)

Threat actors were confirmed by the Cybersecurity and Infrastructure Security Agency to have been targeting AMC MegaRAC Baseboard Management Controller software instances impacted by the maximum severity authentication bypass flaw, tracked as CVE-2024-54085, BleepingComputer reports.

Federal agencies have been urged to remediate the issue within the firmware, which is used by HP Enterprise, ASUS, ASRock, and other vendors for remote system management, by July 16 following its inclusion in CISA's Known Exploited Vulnerabilities catalog. Over 1,000 internet-exposed servers were discovered by Eclypsium in March to have been affected by the flaw, which could be leveraged to facilitate remote takeovers and malware delivery, firmware tampering, physical damage to servers, and bootloops. "To our knowledge, the vulnerability only affects AMI's BMC software stack. However, since AMI is at the top of the BIOS supply chain, the downstream impact affects over a dozen manufacturers," said Eclypsium.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds