{"id":37472,"date":"2025-03-24T01:07:42","date_gmt":"2025-03-24T00:07:42","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=37472"},"modified":"2025-03-24T01:07:42","modified_gmt":"2025-03-24T00:07:42","slug":"critical-ami-bmc-vulnerability-cve-2024-54085-allows-server-takeover","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2025\/03\/24\/critical-ami-bmc-vulnerability-cve-2024-54085-allows-server-takeover\/","title":{"rendered":"Critical AMI-BMC vulnerability CVE-2024-54085 allows server takeover"},"content":{"rendered":"

\"Sicherheit[German<\/a>]Brief warning or information for administrators who use AMI MegaRAC BMC. The company has already published a security warning on March 11, 2025. There is a critical vulnerability CVE-2024-54085 (CVSS v4 score of 10.0), which should allow a remote server takeover or even \"bricking\" a server.<\/p>\n

<\/p>\n

I became aware of the issue with the vulnerability CVE-2024-54085<\/a> via the following tweet. The Hacker News has taken up the topic in this article<\/a>.\u00a0\"AMI-BMC<\/p>\n

The BIOS\/UEFI developer AMI warns of a vulnerability in the AMI MegaRAC BMC. The vulnerability in the AMI MegaRAC SPx firmware allows an attacker to bypass the authentication of the BMC remotely via the Redfish host interface. Successful exploitation of this vulnerability can lead to a loss of confidentiality, integrity and\/or availability. Eclypsium has published more details in this article<\/a> and names affected devices.<\/p>\n","protected":false},"excerpt":{"rendered":"

[German]Brief warning or information for administrators who use AMI MegaRAC BMC. The company has already published a security warning on March 11, 2025. There is a critical vulnerability CVE-2024-54085 (CVSS v4 score of 10.0), which should allow a remote server … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[448,580,1547],"tags":[642,69,1544],"class_list":["post-37472","post","type-post","status-publish","format-standard","hentry","category-devices","category-security","category-software","tag-devices","tag-security","tag-software"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/37472","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=37472"}],"version-history":[{"count":1,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/37472\/revisions"}],"predecessor-version":[{"id":37473,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/37472\/revisions\/37473"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=37472"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=37472"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=37472"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}