Eclypsium security researchers have found a new set of vulnerabilities in the management control firmware used on some Supermicro motherboards. As a result, more than 47,000 of the manufacturer’s servers are vulnerable to attacks.
The vulnerabilities have been named USBAnywhere by the researchers. The errors are in the company’s X9, X10 and X11 boards, writes SiliconAngle.
The vulnerabilities allow hackers to mount a virtual USB drive. The attacker can then, among other things, implant malware and change server settings. The attack can be carried out remotely.
According to the researchers, threats at this level can easily undermine traditional security measures. This puts the device and the integrity of the data on the device at risk. For this reason, organizations must treat these layers of security with the attention they deserve.
Series of errors
The vulnerabilities of USBAnywhere are the result of a series of errors that Supermicro made when designing a Java application. That application is used by the baseboard management controllers in the servers.
The application allows plain-text authentication and does not encrypt network traffic by default. Even when encryption is enabled, it is weak and can be cracked by attackers. Authentication can also be bypassed if a user has previously authenticated to the virtual media service and then disconnected.
The reason is that the internal state is tied to the number of the user's socket file descriptor. A new user whose connection is assigned the same descriptor number by the BMC's operating system inherits that internal state, according to the researchers.
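As an added illustration (not code from Eclypsium or Supermicro), the Python sketch below models the state-handling flaw described above: a service that keys authentication state on the descriptor number, next to a version keyed on a per-session token that is cleared on disconnect. The class and function names are hypothetical, and `os.open` on `os.devnull` stands in for `accept()` because the kernel hands both the lowest free descriptor number.

```python
import os
import secrets


class FdKeyedVirtualMedia:
    """Constructed model of the flawed pattern: auth state keyed by fd number."""

    def __init__(self):
        self.authenticated = {}  # fd number -> username

    def login(self, fd, user):
        self.authenticated[fd] = user

    def disconnect(self, fd):
        os.close(fd)  # the table entry for this fd number is never cleared

    def is_authenticated(self, fd):
        return fd in self.authenticated


class SessionKeyedVirtualMedia:
    """Hardened model: state lives in a session keyed by an unguessable token
    and is destroyed on disconnect, so a recycled fd number carries nothing."""

    def __init__(self):
        self.sessions = {}  # token -> {"fd": fd, "user": user}

    def login(self, fd, user):
        token = secrets.token_hex(16)
        self.sessions[token] = {"fd": fd, "user": user}
        return token

    def disconnect(self, token):
        session = self.sessions.pop(token, None)  # drop state first
        if session is not None:
            os.close(session["fd"])

    def is_authenticated(self, token):
        return token in self.sessions


def open_connection():
    # Stand-in for accept(): returns the lowest free descriptor number.
    return os.open(os.devnull, os.O_RDONLY)


def demo_fd_reuse():
    """Second, unauthenticated client inherits the first client's login."""
    svc = FdKeyedVirtualMedia()
    fd1 = open_connection()
    svc.login(fd1, "admin")
    svc.disconnect(fd1)
    fd2 = open_connection()  # gets the same number back from the kernel
    inherited = svc.is_authenticated(fd2)
    os.close(fd2)
    return fd1 == fd2, inherited


def demo_session_keyed():
    """Same descriptor reuse, but the old session is gone and the token is dead."""
    svc = SessionKeyedVirtualMedia()
    fd1 = open_connection()
    token = svc.login(fd1, "admin")
    svc.disconnect(token)
    fd2 = open_connection()
    inherited = svc.is_authenticated(token)
    os.close(fd2)
    return fd1 == fd2, inherited
```

The second client in `demo_fd_reuse` never logs in yet is treated as authenticated, which is exactly the inheritance the researchers describe; the token-keyed version closes that gap.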
Eclypsium reported the vulnerabilities to Supermicro before announcing them. The two companies worked together on fixes, which can now be downloaded from Supermicro's Security Center.
All organizations that use Supermicro X9, X10 or X11 servers are advised to patch them as soon as possible.