Blog | G5 Cyber Security

Firmware Bugs Plague Server Supply Chain, 7 Vendors Impacted

Two vulnerabilities impacting Lenovo, Acer and five server brands allow adversaries to brick servers, run arbitrary code on targeted systems and maintain a persistent foothold surviving even an operating system reinstallation. The bugs are tied to Gigabyte motherboards used in the vulnerable servers. The culprit is firmware for a motherboard component called a Baseboard Management Controller (BMC), which is used for subsystem management and monitoring. Server-makers using the vulnerable BMC firmware are Lenovo,. Acer, AMAX, Bigtera,. Ciara, Penguin Computing and.sysGen.

Source: https://threatpost.com/firmware-bugs-plague-supply-chain/146519/

Exit mobile version