Researchers say Supermicro servers powered by Supermicro motherboards can be compromised by virtually plugging in malicious USB devices. The attack leverages several newly discovered vulnerabilities in the firmware of BMC controllers that could let an unauthorized, remote attacker connect to a Supermicro server and virtually mount malicious USB device. Supermicro has released a firmware update for their X9, X10 and X11 platforms before September 3rd. The company acknowledged the issues in August and publicly released a software update for the company’s X9 and X10 platforms.
Source: https://thehackernews.com/2019/09/hacking-bmc-server.html