Vulnerability in Supermicro BMC-controller allows access to control interface passwords

    A vulnerability has been identified in the BMC (Baseboard Management Controller) chip used in Supermicro motherboards that could allow an attacker to gain access to passwords for entering the control interface. The problem is caused by the fact that the contents of the password file are displayed among the binary data block, which can be obtained without authentication via the network port 49152. The operation technique is very simple, just connect to port 49152 and execute the “GET / PSBlock” command. Passwords are issued in clear text, without hashing.

    Security researchers who discovered the vulnerability warn that they were able to detect 31,964 servers in the network that are affected by this problem, with 3296 (10%) of these systems using default passwords. The IPMI interface provided by the BMC controller provides tools for monitoring and controlling equipment, including the ability to monitor the status of sensors, manage power, firmware and disks, remotely download its own OS via the network, organize the work of the remote access console to attack the base OS and BIOS settings changes.

    You can check your server by trivially connecting to a vulnerable port using telnet:
    telnet ip_ipmi 49152

    GET /PSBlock

    if you saw your passwords in the response text, then you should think about updating the firmware.

    A source...

    Download firmware updates, please follow the link.

    Only registered users can participate in the survey. Please come in.

    Have you identified a vulnerability on your servers?

    • 50% unfortunately yes 143
    • 50% no, I always update firmware 143 in a timely manner

    Also popular now: