Security News > 2019 > September > BMC vulnerabilities in Supermicro servers allow remote takeover, data exfiltration attacks

A slew of vulnerabilities affecting the baseboard management controllers (BMCs) of Supermicro servers could be exploited by remote attackers to gain access to corporate networks, Eclypsium researchers have discovered. The flaws, collectively dubbed USBAnywhere, could allow attackers to connect to a server and connect a device to it remotely, over any network including the Internet, as if they had physical access to a server’s USB port. What are baseboard management controllers? BMCs are specialized microcontrollers … More → The post BMC vulnerabilities in Supermicro servers allow remote takeover, data exfiltration attacks appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/NLO9BU6Q4wA/
Related news
- New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks (source)
- Hitachi Vantara takes servers offline after Akira ransomware attack (source)
- Airplay-enabled devices open to attack via “AirBorne” vulnerabilities (source)
- Samsung MagicINFO 9 Server RCE flaw now exploited in attacks (source)
- Chinese hackers behind attacks targeting SAP NetWeaver servers (source)
- Ivanti Patches EPMM Vulnerabilities Exploited for Remote Code Execution in Limited Attacks (source)
- Premium WordPress 'Motors' theme vulnerable to admin takeover attacks (source)
- China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil (source)