AMI MegaRAC flaws affect many cloud service providers’ servers
Three vulnerabilities naming CVE-2022-40259, CVE-2022-40242 and CVE-2022-2827 in the American Megatrends MegaRAC Baseboard Management Controller (BMC) software impact server equipment used in many cloud service and data center providers.
The flaws could enable attackers to execute code, bypass authentication, and perform user enumeration. The first two flaws are very severe due to giving attackers access to an administrative shell without requiring further escalation.
The most severe of the three flaws, CVE-2022-40259, requires prior access to at least a low-privileged account to perform the API call-back. The vulnerabilities could cause data manipulation, data breaches, service outage, business interruption, and more.
MegaRAC BMC firmware is used by at least 15 server manufacturers, including AMD, Ampere Computing, ASRock, Asus, ARM, Dell EMC, Gigabyte, Hewlett-Packard Enterprise, Huawei, Inspur, Lenovo, Nvidia, Qualcomm, Quanta, and Tyan.
System admins are advised to disable remote administration options and add remote authentication steps where possible. Additionally, they should minimize the external exposure of server management interfaces like Redfish and ensure that the latest available firmware updates are installed on all systems.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.