- American Megatrends International released a fix for MegaRAC Baseboard Management Controller (BMC)
- Different OEMs are now implementing the fix in their products
- ASUS released a patch to address the bug
Asus has patched a security flaw which could have bricked servers.
The flaw is tracked as CVE-2024-54085, and has the maximum severity flaw – 10/10. As the company explained, it affects American Megatrends International’s (AMI) MegaRAC Baseboard Management Controller (BMC), a firmware solution that enables out-of-band, or “lights-out” remote server management.
With BMC, admins can monitor, troubleshoot, and control servers even when they’re turned off.
Remote control
“AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface,” it says on the CVE’s NVD page. “A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.”
BMC is used by “over a dozen” server hardware vendors, including HPE, Asus, and ASRock.
Security researchers from Eclypsium, who wrote an in-depth report about the bug, said it could be abused in malware infections and even ransomware attacks:
“Exploitation of this vulnerability allows an attacker to remotely control the compromised server, remotely deploy malware, ransomware, firmware tampering, bricking motherboard components (BMC or potentially BIOS/UEFI), potential server physical damage (over-voltage / bricking), and indefinite reboot loops that a victim cannot stop.”
AMI released a patch in mid-March, it was said, but it took OEMs time to implement it. HPE, for example, published a security bulletin on March 20, addressing the vulnerability for HPE Cray XD670 server. This bulletin also confirmed that the vulnerability could be remotely exploited to allow authentication bypass. Additionally, reports indicate that HPE has released security updates for their products that integrate AMI’s fix for CVE-2024-54085.
ASUS has now addressed the bug on four motherboards.
Users are advised to upgrade their BMC firmware to these versions:
PRO WS W790E-SAGE SE – version 1.1.57
PRO WS W680M-ACE SE – version 1.1.21
PRO WS WRX90E-SAGE SE – version 2.1.28
Pro WS WRX80E-SAGE SE WIFI – version 1.34.0
Since this is a maximum-severity flaw that allows ransomware infections, users are advised to apply the update without delay.
Via BleepingComputer
