A critical vulnerability has been discovered in AMI’s MegaRAC software, which is used in Baseboard Management Controllers (BMCs) across multiple server vendors. This flaw, identified as CVE-2024-54085, allows remote attackers to bypass authentication on the Redfish interface, potentially exposing cloud infrastructure and data centers to severe risks. The vulnerability was uncovered by Eclypsium, building on … Continue reading Critical AMI BMC Flaw Allows Remote Attackers to Bypass Authentication