Supermicro BMC USBAnywhere Vulnerability

 In Security Alerts

SYSTEMS AFFECTED

  •  Supermicro BMC

 

THREAT LEVEL

  • Medium

OVERVIEW

Researchers have identified vulnerabilities in the Virtual Media function of Supermicro BMCs. BMC/IPMI Virtual Media is a feature of the Virtual Console that enables users to attach a CD/DVD image to the server as a virtual CD/DVD drive. These vulnerabilities include plaintext authentication, weak encryption, and authentication bypass within the Virtual Media capabilities. [1]

DESCRIPTION

The USBAnywhere flaws allow the virtual USB drive to behave exactly as a physically attached USB device would, meaning an attacker could boot a new operating system image, deploy malware, or disable the target device. The researchers noted, however, that the attacks are only possible where the BMC is reachable: systems whose BMCs are directly exposed to the internet, or environments where the attacker already has access to the corporate network.

SOLUTION

  • Isolate the BMC on a private, isolated management network
  • Block TCP port 623 [3]
  • Upgrade to the latest firmware [4]
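The first two mitigations above are only effective if the BMC's Virtual Media port really is unreachable from ordinary network segments. The following script is an added example, not code from Supermicro, Eclypsium or the advisory: run it from a host on the corporate network (not the management network) and it reports, for each BMC, whether TCP port 623 is open, closed, or filtered. The BMC host names in the `__main__` section are placeholders; the port number 623 comes from the advisory, the states and the helper listener used for self-testing are this example's own assumptions.

```python
"""Verify that a BMC's TCP port 623 is not reachable from this host.

Added example: checks the 'block TCP 623' / 'isolate the BMC' mitigations
from a defender's perspective. Only probe BMCs you administer.
"""
import socket
from typing import Dict, Iterable, List, Literal, Tuple

PortState = Literal["open", "closed", "filtered", "error"]

# TCP port named in the advisory; used by the BMC's Virtual Media service.
VIRTUAL_MEDIA_PORT = 623


def tcp_port_state(host: str, port: int, timeout: float = 2.0) -> PortState:
    """Classify a TCP port from the point of view of this host.

    'open'     - the handshake completed: the port is reachable (bad for a BMC).
    'closed'   - the host answered with a reset: nothing is listening.
    'filtered' - neither SYN/ACK nor RST within the timeout: a firewall or
                 network isolation is dropping the traffic (the desired state).
    'error'    - name resolution or other socket error; inspect manually.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.timeout:            # TimeoutError alias; must precede OSError
        return "filtered"
    except ConnectionRefusedError:    # RST received
        return "closed"
    except OSError:                   # e.g. DNS failure, network unreachable
        return "error"


def verify_bmc_isolation(bmc_hosts: Iterable[str],
                         port: int = VIRTUAL_MEDIA_PORT,
                         timeout: float = 2.0) -> Dict[str, PortState]:
    """Probe each BMC once and map host -> port state."""
    return {host: tcp_port_state(host, port, timeout) for host in bmc_hosts}


def exposed_bmcs(results: Dict[str, PortState]) -> List[str]:
    """Hosts whose Virtual Media port answered: these contradict the mitigation."""
    return sorted(host for host, state in results.items() if state == "open")


def start_local_listener() -> Tuple[socket.socket, int]:
    """Self-test helper (assumption, not part of any BMC): a loopback listener
    on an ephemeral port stands in for an exposed BMC service."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    return srv, srv.getsockname()[1]


if __name__ == "__main__":
    # Placeholder inventory; replace with your own BMC addresses.
    inventory = ["bmc-01.example.invalid", "bmc-02.example.invalid"]
    results = verify_bmc_isolation(inventory)
    for host, state in results.items():
        print(f"{host}: tcp/{VIRTUAL_MEDIA_PORT} {state}")
    still_exposed = exposed_bmcs(results)
    if still_exposed:
        print("Virtual Media port reachable on:", ", ".join(still_exposed))
```

A `filtered` result is what a correctly isolated BMC should produce from a non-management host; `closed` is also acceptable but usually means the probe reached the BMC's network, so the isolation itself should be reviewed. Run the same check from the management network to confirm the port is still reachable where it is supposed to be.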

 

REFERENCE

  1. https://www.supermicro.com/support/security_BMC_virtual_media.cfm
  2. https://searchsecurity.techtarget.com/news/252470176/USBAnywhere-vulnerabilities-put-Supermicro-servers-at-risk
  3. https://www.supermicro.com/support/Disable_Port_TCP_623_Instructions.pdf
  4. https://www.supermicro.com/support/security_Intel-SA.cfm?pg=X11#tab

CREDITS

@Eclypsium

DISCLAIMER

The information provided herein is on “as is” basis, without warranty of any kind.
