A slew of vulnerabilities affecting the baseboard management controllers (BMCs) of Supermicro servers could be exploited by remote attackers to gain access to corporate networks, Eclypsium researchers have discovered.
The flaws, collectively dubbed USBAnywhere, could allow attackers to connect to a server and connect a device to it remotely, over any network including the Internet, as if they had physical access to a server’s USB port.
What are baseboard management controllers?
BMCs are specialized microcontrollers embedded on a server’s motherboard that allow sysadmins to perform low-level tasks without having to go where the server is located.
BMCs receive information from the various sensors built into the computer, allowing system administrators to be notified if something goes physically wrong with the system (e.g., overheating) and do something about it remotely.
They also allow sysa ..
Support the originator by clicking the read the rest link below.
