• caglararli@hotmail.com
  • 05386281520

‘USBAnywhere’ Bugs Open Supermicro Servers to Remote Attackers

Çağlar Arlı      -    48 Views

‘USBAnywhere’ Bugs Open Supermicro Servers to Remote Attackers

Authentication vulnerabilities in the baseboard management controllers (BMCs) of Supermicro X9-X11 servers have been discovered that allow a remote attacker to easily connect to a server and mount any virtual USB device of their choosing.

The bugs, collectively dubbed USBAnywhere, allow an attacker to obtain credentials for the BMCs. Once obtained, an attacker can then perform a range of USB-based attacks against the server remotely, including data exfiltration, booting from...
‘USBAnywhere’ Bugs Open Supermicro Servers to Remote Attackers