Dell has reassured its customers that its systems are not impacted by the MegaRAC vulnerability. This is because Dell utilizes its own Integrated Dell Remote Access Controller (iDRAC) in its servers.
How could cyber attackers take advantage of this vulnerability? Eclypsium, the company that uncovered the flaw in 2024, provided additional insights into the issue a week after the patch was released by AMI. According to Eclypsium researchers, the vulnerability primarily affects AMI’s BMC software stack, which has downstream implications for over a dozen manufacturers due to AMI’s position in the BIOS supply chain.
Rated as a critical flaw with a severity score of 10 on the CVSS scale, the vulnerability enables attackers to bypass authentication via the Redfish interface. This could lead to severe consequences such as remote server control, deployment of malware or ransomware, and destructive actions like unstoppable reboot loops or bricked motherboards.
Despite the potential risks associated with this vulnerability, there have been no reported cases of exploitation thus far. However, the importance of promptly addressing and patching such vulnerabilities cannot be overstated.
One of the key challenges highlighted by the delayed response to CVE-2024-54085 is the intricate nature of the patching process, particularly when multiple vendors are involved in the software supply chain. Effective and timely patching is crucial in mitigating the risks posed by vulnerabilities like the MegaRAC issue.
