‘USBAnywhere’ Bugs Open Supermicro Servers to Remote Attackers

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,055
Authentication vulnerabilities in the baseboard management controllers (BMCs) of Supermicro X9-X11 servers have been discovered that allow a remote attacker to easily connect to a server and mount any virtual USB device of their choosing.

The bugs, collectively dubbed USBAnywhere, allow an attacker to obtain credentials for the BMCs. Once obtained, an attacker can then perform a range of USB-based attacks against the server remotely, including data exfiltration, booting from untrusted OS images or direct manipulation of the system via a virtual keyboard and mouse, according to researchers at Eclypsium.

By design, BMCs are intended to allow administrators to perform out-of-band management of a server, and as a result are highly privileged components. Gaining access to them gives an attacker an avenue to potentially a trove of corporate assets.
“BMCs provide virtually omnipotent control over a server and its contents,” the researchers said in a paper released on Tuesday detailing the bugs.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top