QID 378683

QID 378683: AMI-powered BMCs Firmware Vulnerabilities (AMI-SA-2023006)

AMI firmware leaked in the 2021 Ransomware attack can be exploited by any local or remote attacker with access to an industry-standard remote-management interface known as Redfish to execute malicious code that will run on every server inside a data center. There is NO patch available for these vulnerabilities. QID Detection Logic:

Until the vulnerabilities are patched using an update AMI malicious hackers gain superuser status inside some of the most sensitive cloud environments in the world. Successful attackers could perform unauthenticated remote code execution and unauthorized device access with superuser permissions.

CVSS V3 rated as Critical - 8.8 severity.

CVSS V2 rated as Medium - 5.8 severity.

Solution

Vendor References

AMI-SA-2023006 - 9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf

CVEs related to QID 378683

CVE-2023-34329 | CVE-2023-34330 |

Software Advisories

Advisory ID	Software	Component	Link

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].