Vulnerability cyber

AMI

Mar 20, 2025 1 min read
AMI

Security researchers have identified a critical vulnerability in AMI’s MegaRAC software, known as CVE-2024-54085. This defect allows attackers to remotely bypass authentication, thereby threatening the integrity of myriad data center equipment and servers, and potentially jeopardizing the security of cloud infrastructures globally. The vulnerability was found in the Redfish interface, influencing a range of servers like HPE Cray XD670 and Asus RS720A-E11-RS24U. Approximate findings suggest around 1,000 instances vulnerable on the public internet. The exposure of this vulnerability has severe consequences, enabling attackers to commandeer servers, install malicious software, interfere with hardware, and cause other destabilizing actions, leading to significant operational disruption and potential data loss for affected organizations.

Source: https://cybersecuritynews.com/critical-ami-bmc-vulnerability/

TPRM report: https://scoringcyber.rankiteo.com/company/ami

"id": "ami444032025",
"linkid": "ami",
"type": "Vulnerability",
"date": "3/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Technology',
                        'name': 'AMI',
                        'type': 'Organization'}],
 'attack_vector': 'Remote Authentication Bypass',
 'description': 'A critical vulnerability (CVE-2024-54085) in AMI’s MegaRAC '
                'software allows attackers to remotely bypass authentication, '
                'threatening the integrity of data center equipment and '
                'servers, and potentially jeopardizing the security of cloud '
                'infrastructures globally. The vulnerability was found in the '
                'Redfish interface, affecting servers like HPE Cray XD670 and '
                'Asus RS720A-E11-RS24U. Approximately 1,000 instances are '
                'vulnerable on the public internet.',
 'impact': {'operational_impact': 'Significant operational disruption and '
                                  'potential data loss',
            'systems_affected': ['HPE Cray XD670', 'Asus RS720A-E11-RS24U']},
 'initial_access_broker': {'entry_point': 'Redfish interface'},
 'post_incident_analysis': {'root_causes': 'Vulnerability in AMI’s MegaRAC '
                                           'software'},
 'title': 'Critical Vulnerability in AMI’s MegaRAC Software (CVE-2024-54085)',
 'type': 'Vulnerability Exploitation',
 'vulnerability_exploited': 'CVE-2024-54085'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.