all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Years-Old Vulnerability in AMI MegaRAC BMCs Impacts Intel and Lenovo Hardware

Add to bookmarks
April 17, 2024, 11:55 a.m. | Livia Gyongyoși

Heimdal Security Blog heimdalsecurity.com

Researchers discovered an overlooked vulnerability in Lighttpd web server that is used in Baseboard Management Controllers (BMCs). The flaw impacts hardware vendors that use AMI MegaRAC BMCs, like Intel, Lenovo and Supermicro. Although developers discovered and fixed the Lighttpd flaw back in 2018, the vulnerability didn’t get a CVE. Further on, Lighttpd users, like AMI […]


The post Years-Old Vulnerability in AMI MegaRAC BMCs Impacts Intel and Lenovo Hardware appeared first on Heimdal Security Blog.

ami back bmcs controllers cve cybersecurity news developers flaw hardware intel lenovo management megarac old researchers server supermicro vendors vulnerability web web server

Visit resource

More from heimdalsecurity.com / Heimdal Security Blog

Patch Now! CrushFTP Zero-day Lets Attackers Download System Files 6 days, 8 hours ago | heimdalsecurity.com
attackers critical crushftp customers +22
MITRE Breached – Hackers Chained 2 Ivanti Zero-days to Compromise VPN 6 days, 11 hours ago | heimdalsecurity.com
attack authentication authentication bypass breach +30
A System Administrator’s Challenges in Patch Management 6 days, 12 hours ago | heimdalsecurity.com
administrator alex benefits challenges +13
Free and Downloadable Account Management Policy Template 1 week ago | heimdalsecurity.com
account accounts business data +16
Atera vs. ConnectWise: Head-to-Head Comparison (And Alternative) 1 week, 1 day ago | heimdalsecurity.com
article atera balance complexity +11
NinjaOne vs. Atera: A Deep Comparison Between the Solutions 1 week, 4 days ago | heimdalsecurity.com
atera business critical customers +22
Deceptive Google Ads Mimic IP Scanner Software to Push Backdoor 1 week, 4 days ago | heimdalsecurity.com
ads backdoor campaign cybersecurity +16
CrowdStrike vs. SentinelOne: Which One Is Better For Endpoint Security? 1 week, 5 days ago | heimdalsecurity.com
business can crowdstrike cybersecurity +13
Surge in Botnets Exploiting CVE-2023-1389 to Infect TP-Link Archer Routers 1 week, 6 days ago | heimdalsecurity.com
bleeping computer botnet botnets command +24

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Emergency Management Invoice Compliance Reviewer

@ AC Disaster Consulting | Denver, Colorado, United States - Remote
View on infosec-jobs.com

Threat Intelligence Librarian

@ Microsoft | Cheltenham, Gloucestershire, United Kingdom
View on infosec-jobs.com

Cyber Content Operations Manager - Remote in UK

@ Immersive Labs | United Kingdom
View on infosec-jobs.com

(Junior) Security Engineer (m/w/d)

@ CHECK24 | Berlin, Germany
View on infosec-jobs.com

Cyber Security

@ Necurity Solutions | Bengaluru, Karnataka, India
View on infosec-jobs.com
View more jobs