Firmware vulnerabilities in bare-metal cloud servers let attackers install malware and backdoors. Researchers at Eclypsium are releasing a report on firmware security issues they believe represent “a fundamental gap” in cloud infrastructure security. Their findings show baseboard management controllers (BMC) built into cloud servers could put customers at risk. The vulnerability, which they dubbed Cloudborne, is in the BMC a privileged component used to manage the server. The study is based on IBM SoftLayer technology, they emphasize other providers may be exposed.”]
Source: https://www.darkreading.com/cloud/-cloudborne-bare-metal-cloud-servers-vulnerable-to-attack