"Firmware Vulnerabilities in Millions of Computers Could Give Hackers Superuser Status"
Two years ago, ransomware criminals breached the hardware manufacturer Gigabyte and released over 112 GB of data, including information from Intel and AMD, two of its most important supply chain partners. Researchers now warn that the leaked information exposed critical zero-day vulnerabilities that could threaten much of the computing world. The vulnerabilities exist within the firmware AMI makes for Baseboard Management Controllers (BMCs). BMCs enable cloud centers and sometimes their customers to streamline the remote management of vast fleets of computers. They allow administrators to remotely reinstall operating systems, install and deactivate applications, and more. Researchers from the security company Eclypsium analyzed the leaked AMI firmware from the 2021 ransomware attack and discovered vulnerabilities that had remained dormant for years. They can be exploited by any local or remote adversary with access to the industry-standard remote management interface Redfish to execute malicious code that will run on every server inside a data center. This article continues to discuss the new AMI BMC vulnerabilities.