New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking

2025-03-18 13:31

A critical security vulnerability has been disclosed in AMI's MegaRAC Baseboard Management Controller (BMC) software that could allow an attacker to bypass authentication and carry out post-exploitation actions. The vulnerability, tracked as CVE-2024-54085, carries a CVSS v4 score of 10.0, indicating maximum severity. "A local or remote attacker can exploit the vulnerability by accessing the

News URL

https://thehackernews.com/2025/03/new-critical-ami-bmc-vulnerability.html

#critical #remote #server #takeover #vulnerability #CVE-2024-54085

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2025-03-11	CVE-2024-54085	AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface.	0.0

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
BMC		14	0	16	15	12	43
AMI		5	0	6	30	6	42

News URL

Related news

Related Vulnerability

Related vendor