• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
additional supply chain vulnerabilities uncovered in ami megarac bmc software

Additional Supply Chain Vulnerabilities Uncovered in AMI MegaRAC BMC Software

You are here: Home / General Cyber Security News / Additional Supply Chain Vulnerabilities Uncovered in AMI MegaRAC BMC Software
February 1, 2023

Two extra offer chain security flaws have been disclosed in AMI MegaRAC Baseboard Management Controller (BMC) software, just about two months immediately after three security vulnerabilities ended up brought to light-weight in the similar solution.

Firmware security agency Eclypsium mentioned the two shortcomings have been held again until finally now to offer AMI extra time to engineer acceptable mitigations.

The issues, collectively tracked as BMC&C, could act as springboard for cyber attacks, enabling risk actors to obtain distant code execution and unauthorized system obtain with superuser permissions.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


The two new flaws in concern are as follows –

  • CVE-2022-26872 (CVSS rating: 8.3) – ​​Password reset interception by means of API
  • CVE-2022-40258 (CVSS rating: 5.3) – Weak password hashes for Redfish and API

Particularly, MegaRAC has been observed to use the MD5 hashing algorithm with a world-wide salt for older units, or SHA-512 with for each person salts on newer appliances, possibly permitting a menace actor to crack the passwords.

CVE-2022-26872, on the other hand, leverages an HTTP API to dupe a user into initiating a password reset by means of a social engineering attack, and set a password of the adversary’s choice.

CVE-2022-26872 and CVE-2022-40258 add to 3 other vulnerabilities disclosed in December, such as CVE-2022-40259 (CVSS score: 9.9), CVE-2022-40242 (CVSS rating: 8.3), and CVE-2022-2827 (CVSS rating: 7.5).

It is really value pointing out that the weaknesses are exploitable only in situations in which the BMCs are exposed to the internet or in conditions the place the threat actor has previously attained first entry into a data heart or administrative network by other solutions.

The blast radius of BMC&C is at this time mysterious, but Eclypsium said it can be operating with AMI and other functions to identify the scope of impacted products and solutions and expert services.

Gigabyte, Hewlett Packard Enterprise, Intel, and Lenovo have all produced updates to address the security defects in their gadgets. NVIDIA is envisioned to ship a repair in May well 2023.

“The effects of exploiting these vulnerabilities incorporate distant regulate of compromised servers, distant deployment of malware, ransomware and firmware implants, and server actual physical problems (bricking),” Eclypsium famous.

Found this post exciting? Observe us on Twitter  and LinkedIn to browse more distinctive content we post.


Some sections of this write-up are sourced from:
thehackernews.com

Previous Post: «Cyber Security News GitHub Confirms Signing Certificates Stolen in Cyber-Attack, Revokes Them
Next Post: Hackers Abused Microsoft’s “Verified Publisher” OAuth Apps to Hack Corporate Email Accounts hackers abused microsoft's "verified publisher" oauth apps to hack corporate»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • CISA Unveils Ransomware Notification Initiative
  • WooCommerce Patches Critical Plugin Flaw Affecting Half a Million Sites
  • GitHub Updates Security Protocol For Operations Over SSH
  • Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
  • Some GitHub users must take action after RSA SSH host key exposed
  • THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps
  • Pension Protection Fund confirms employee data exposed in GoAnywhere breach
  • GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations
  • Now UK Parliament Bans TikTok from its Network and Devices
  • IRS Phishing Emails Used to Distribute Emotet

Copyright © TheCyberSecurity.News, All Rights Reserved.