Quanta Cloud Technology (QCT) servers have been identified as vulnerable to the severe “Pantsdown” Baseboard Management Controller (BMC) flaw, according to new research published today.
“An attacker running code on a vulnerable QCT server would be able to ‘hop’ from the server host to the BMC and move their attacks to the server management network, possibly continue and obtain further permissions to other BMCs on the network and by doing that gaining access to other servers,” firmware and hardware security firm Eclypsium said.
A baseboard management controller is a specialized system used for remote monitoring and management of servers, including controlling low-level hardware settings as well as installing firmware and software updates.
Tracked as CVE-2019-6260 (CVSS score: 9.8), the critical security flaw came to light in January 2019 and relates to a case of arbitrary read and write access to the BMC’s physical address space, resulting in arbitrary code execution.
Successful exploitation of the vulnerability can provide a threat actor with full control over the server, making it possible to overwrite the BMC firmware with malicious code, deploy persistent malware, exfiltrate data, and even brick the system.
Impacted QCT server models include D52BQ-2U, D52BQ-2U 3UPI, and D52BV-2U, which come with BMC version 4.55.00 that runs a version of BMC software vulnerable to Pantsdown. Following responsible disclosure on October 7, 2021, a patch was made privately available to customers on April 15.
The fact that a three-year-old weakness still continues to exist underscores the need to fortify firmware-level code by applying updates in a timely fashion and regularly scanning the firmware for potential indicators of compromise.
Firmware security is particularly crucial in light of the fact that components like BMC have emerged as a lucrative target of cyberattacks aimed at planting stealthy malware such as iLOBleed that is designed to completely wipe a victim server’s disks.
To mitigate such risks, it is recommended that organizations relying on QCT products verify the integrity of their BMC firmware and update the component to the latest version as and when the fixes become available.
“Adversaries are getting increasingly comfortable wielding firmware-level attacks,” the company said. “What’s important to note is how knowledge of firmware-level exploits has increased over the years: what was difficult in 2019 is almost trivial today.”