Eclypsium researchers discovered two new vulnerabilities in the American Megatrends (AMI) MegaRAC Baseboard Management Controller (BMC) software. The firmware and hardware security company stated that the flaws could allow attackers to hijack the systems and cause physical damage.
The BMC software allows administrators to remotely control devices and bypass operating systems. Specifically, it is capable of updating firmware, installing new operating systems, and analyzing logs. Many companies utilize AMI’s BMC software, including Asus, Dell, Gigabyte, HPE, Huawei, Lenovo, Nvidia, and Qualcomm. One bug, tagged as CVE-2023-34329, is a critical authentication bypass flaw vulnerable to spoofed HTTP headers. The other, tagged as CVE-2023-34330, is a code injection flaw. If an attacker were to exploit both flaws they could access BMC management interfaces without credentials and remotely upload and execute arbitrary code. Interfaces exposed to the internet are particularly vulnerable to remote code execution. Eclypsium has not found any active exploitation efforts or proof-of-concept publications.
Read More:
