Vulnerabilities in the firmwares firmware and weaknesses in the reclamation process open the door for firmware implants and rootkits to be passed from one customer to the next. This could lead to damage and disruption to critical applications and the theft of private data. Firmware vulnerabilities and threats apply to all service providers, and we expect this area of research to remain very active based on the growing importance of cloud services. We look forward to working with other organizations and researchers to help identify and fix any issues found in the course of our research.”]
Source: https://eclypsium.com/2019/01/26/the-missing-security-primer-for-bare-metal-cloud-services/