Some Supermicro servers are vulnerable to unauthorized virtual USB mounting attacks that can be carried out remotely. Many of the affected servers are on internal networks but researchers say they found as many as 47,000 of them exposed on the internet. Researchers at firmware hardware security firm Eclypsium found that on some Supermicro platforms the virtual media service responsible for this action is insecure over a remote connection. The service authenticates clients using a custom packet-based format and move the USB packets between the client and the server.
Source: https://www.bleepingcomputer.com/news/security/usbanywhere-bugs-in-supermicro-servers-allow-remote-usb-access/