Supermicro Bug Could Let "Virtual USBs" Take Over Corporate Servers

A lot can go wrong with corporate network security, but hopefully at a minimum people know not to plug strange USB sticks into network computers. But it turns out that an attacker could exploit flaws in a type of remote management device to plug in all the "virtual" thumb drives they want. And the same type of attack can turn pretty much any USB device into a virtual trojan horse.

In new findings presented at the Open Source Firmware Conference in Silicon Valley on Tuesday, researchers from the security firm Eclypsium are detailing vulnerabilities in a number of Supermicro baseboard management controllers (BMCs). Those are special processors installed on server motherboards to give system administrators hardware-level management powers from afar. That comes in handy when admins need to do things like load old software onto a server from a CD, or upgrade an operating system from an image on an external hard drive. BMCs facilitate that without the need to physically plug anything into the server itself; the server will just think that a device is directly connected.

The researchers found, though, that the BMCs on Supermicro X9, X10, and X11 platforms contain flaws that can be exploited to weaponize this legitimate virtual-media function. An attacker could potentially exfiltrate data to a virtual thumb drive or external hard drive, replace a server's operating system with a malicious one, or even take the server down. Attackers who already have access to a corporate network can exploit the flaw to gain deeper control by moving laterally onto a BMC. But they can also launch these attacks remotely if organizations leave their BMCs accessible on the open internet, as was the case for the more than 47,000 exposed BMCs the researchers found in a recent sweep.

"There’s an assumption in many secu ..