AMI MegaRAC flaws affect many cloud service providers’ servers
By MYBRANDBOOK
Three vulnerabilities naming CVE-2022-40259, CVE-2022-40242 and CVE-2022-2827 in the American Megatrends MegaRAC Baseboard Management Controller (BMC) software impact server equipment used in many cloud service and data center providers.
The flaws could enable attackers to execute code, bypass authentication, and perform user enumeration. The first two flaws are very severe due to giving attackers access to an administrative shell without requiring further escalation.
The most severe of the three flaws, CVE-2022-40259, requires prior access to at least a low-privileged account to perform the API call-back. The vulnerabilities could cause data manipulation, data breaches, service outage, business interruption, and more.
MegaRAC BMC firmware is used by at least 15 server manufacturers, including AMD, Ampere Computing, ASRock, Asus, ARM, Dell EMC, Gigabyte, Hewlett-Packard Enterprise, Huawei, Inspur, Lenovo, Nvidia, Qualcomm, Quanta, and Tyan.
System admins are advised to disable remote administration options and add remote authentication steps where possible. Additionally, they should minimize the external exposure of server management interfaces like Redfish and ensure that the latest available firmware updates are installed on all systems.
The government of India intends to construct a single portal f
A single portal will be launched by the Indian government to list all of it...
OpenAI offers GPT-4o, a faster model available to all users at
GPT-4o, a faster and more sophisticated AI model, is made available to all...
Paytm brings UPI Lite Wallet for low-value transactions
Paytm’s parent company One97 Communications (OCL) is emphasizing upon UP...
BHIM to join e-commerce, competing with PhonePe and Google Pay
The government-supported payment software BHIM is getting ready to join t...
SAMSUNG INDIA ELECTRONICS PVT. LTD.
FRESHWORKS TECHNOLOGIES PVT. LTD.
TATA CONSULTANCY SERVICES
TEJAS NETWORKS INDIA PVT. LTD.
Technology Icons Of India 2023: Hari Om Rai
Hari Om Rai is the Co-founder, Chairman & Managing Director of Lava In...
Technology Icons Of India 2023: Harsh Jain
Harsh Jain is an Indian Entrepreneur, the co-founder and CEO of the In...
Technology Icons Of India 2023: Aalok Kumar
Aalok continues to lead the India business and further strengthen Indi...
INDIANOIL helps reach precious petroleum fuels to every nook and corner of the country
IndianOil, a diversified, integrated energy major with presence in alm...
BBNL empowering rural India digitally
BBNL provide high speed digital connectivity to Rural India at afforda...
C-DAC keeps India ahead in IT & Electronics R&D space
Centre for Development of Advanced Computing (C-DAC) is the premier R&...
TEXONIC INSTRUMENTS
Texonic has carved a niche for itself in the Technology Distribution i...
TECH DATA, A TD SYNNEX COMPANY
Tech Data Corporation was an American multinational distribution compa...
INGRAM MICRO INDIA PVT. LTD.
Ingram Micro India, a large national distributor offers a comprehensiv...