A new vulnerability has been found that may enable hackers to capture data that companies store in the cloud. This is a vulnerability called Cloudborne, which affects certain components of the motherboard of servers that are often found in cloud provider data centers.
Researchers from the company Eclypsium described the Cloudborne vulnerability in an extensive article. The vulnerability has to do with so-called baseboard management controllers (BMCs) that usually belong to the motherboard of servers. These are specialized chips that allow system administrators to make changes to a server, even if that server is not turned on.
Multiple vulnerabilities
BMCs are especially useful for detecting problems, for example, when a device does not start up. They make it possible to modify a server’s firmware, change certain settings or reinstall a complete operating system if necessary. But there are risks associated with these chips.
In recent years, researchers have discovered several problems that allow hackers to access and disable servers. Many of the vulnerabilities affect Super Micro Computer products, which is known as one of the largest providers of server motherboards for cloud providers and companies.
Update Firmware
Cloudborne poses a threat when a vulnerable Super Micro motherboard is built into a bare-metal cloud server. These are machines that providers of infrastructure-as-a-service use for their services. A company often rents a bare metal server, because it doesn’t have to share it with other customers, which is the case with an ‘ordinary’ cloud server. But at the end of the day, it is still a server that can be used by multiple customers. After all, if one customer cancels his contract, the server will continue to the next customer.
According to Eclypsium’s experts, Cloudborne can be exploited if the provider of such a bare metal server does not completely reinstall the firmware before this server changes customers. This makes it possible for hackers to install a backdoor in that bare-metal server, or to infect it with malware and then hack multiple customers.
Several providers have to deal with the vulnerability and Intel, among others, has already announced that it is working on a solution to the problems.
This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.
16 hours ago
