Asus patches security flaw which could have bricked servers

Date:
Thu, 24 Apr 2025 13:09:00 +0000

Description:
The bug could also be used for malware and ransomware infections.

FULL STORY ======================================================================American
Megatrends International released a fix for MegaRAC Baseboard Management Controller (BMC) Different OEMs are now implementing the fix in their
products ASUS released a patch to address the bug

Asus has patched a security flaw which could have bricked servers.

The flaw is tracked as CVE-2024-54085, and has the maximum severity flaw - 10/10. As the company explained, it affects American Megatrends
Internationals (AMI) MegaRAC Baseboard Management Controller (BMC), a
firmware solution that enables out-of-band, or lights-out remote server management.

With BMC, admins can monitor, troubleshoot, and control servers even when theyre turned off.

Get Keeper Personal for just $1.67/month, Keeper Family for just
$3.54/month, and Keeper Business for just $7/month

Keeper is a cybersecurity platform primarily known for its password manager and digital vault, designed to help individuals, families, and businesses securely store and manage passwords, sensitive files, and other private data.

It uses zero-knowledge encryption and offers features like two-factor authentication, dark web monitoring, secure file storage, and breach alerts
to protect against cyber threats.

Preferred partner ( What does this mean? ) View Deal Remote control

AMIs SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface, it says on the CVEs NVD page. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.

BMC is used by over a dozen server hardware vendors, including HPE, Asus, and ASRock.

Security researchers from Eclypsium, who wrote an in-depth report about the bug, said it could be abused in malware infections and even ransomware attacks:

"Exploitation of this vulnerability allows an attacker to remotely control
the compromised server, remotely deploy malware , ransomware, firmware tampering, bricking motherboard components (BMC or potentially BIOS/UEFI), potential server physical damage (over-voltage / bricking), and indefinite reboot loops that a victim cannot stop."

AMI released a patch in mid-March, it was said, but it took OEMs time to implement it. HPE, for example, published a security bulletin on March 20, addressing the vulnerability for HPE Cray XD670 server. This bulletin also confirmed that the vulnerability could be remotely exploited to allow authentication bypass. Additionally, reports indicate that HPE has released security updates for their products that integrate AMIs fix for CVE-2024-54085.

ASUS has now addressed the bug on four motherboards.

Users are advised to upgrade their BMC firmware to these versions:

PRO WS W790E-SAGE SE version 1.1.57
PRO WS W680M-ACE SE version 1.1.21
PRO WS WRX90E-SAGE SE version 2.1.28
Pro WS WRX80E-SAGE SE WIFI version 1.34.0

Since this is a maximum-severity flaw that allows ransomware infections,
users are advised to apply the update without delay.

Via BleepingComputer You might also like This large-scale hack could affect millions of servers across the world Take a look at our guide to the best authenticator app We've rounded up the best password managers



======================================================================
Link to news story: https://www.techradar.com/pro/security/asus-patches-security-flaw-which-could- have-bricked-servers


--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)