Dell, alternatively, has confirmed that its programs are unaffected by the MegaRAC situation, because it makes use of its personal Built-in Dell Distant Entry Controller (iDRAC) in its servers.
How may attackers exploit the flaw?
Every week after the patch was posted by AMI in March, Eclypsium, the corporate that found the vulnerability in late 2024, printed extra particulars of its internal workings:
“To our data, the vulnerability solely impacts AMI’s BMC software program stack. Nonetheless, since AMI is on the high of the BIOS provide chain, the downstream affect impacts over a dozen producers,” wrote Eclypsium researchers.
The flaw, scored on the most severity of 10, is designated a ‘important’ flaw on CVSS. It could permit bypass authentication by the Redfish interface, based on Eclypsium, with a vary of outcomes, together with distant management of the server, deployment of malware/ransomware, and damaging actions corresponding to unstoppable reboot loops and even bricked motherboards.
Briefly, it could not be a superb day for victims, though no exploitation of the vulnerability has to date been detected. However as with all software program vulnerability, what counts is the velocity and ease with which it’s patched.
The primary situation illustrated by the apparently sluggish response to CVE-2024-54085 is the complexity of the patching course of when the software program concerned is a part of a provide chain involving multiple vendor.
