Critical 'Pantsdown' BMC Vulnerability Affects QCT Servers Used in Data Centers
"An attacker running code on a vulnerable QCT server would be able to 'hop' from the server host to the BMC and move their attacks to the server management network, possibly continue and obtain further permissions to other BMCs on the network and by doing that gaining access to other servers," firmware and hardware security firm Eclypsium said.
A baseboard management controller is a specialized system used for remote monitoring and management of servers, including controlling low-level hardware settings as well as installing firmware and software updates.
Successful exploitation of the vulnerability can provide a threat actor with full control over the server, making it possible to overwrite the BMC firmware with malicious code, deploy persistent malware, exfiltrate data, and even brick the system.
Impacted QCT server models include D52BQ-2U, D52BQ-2U 3UPI, D52BV-2U, which come with BMC version 4.55.00 that runs a version of BMC software vulnerable to.
Firmware security is particularly crucial in light of the fact that components like BMC have emerged as a lucrative target of cyberattacks aimed at planting stealthy malware such as iLOBleed that's designed to completely wipe a victim server's disks.
To mitigate such risks, organizations relying on QCT products should verify the integrity of their BMC firmware and update the component to the latest version as and when the fixes become available.
News URL
https://thehackernews.com/2022/05/critical-pantsdown-bmc-vulnerability.html