Supermicro server motherboards can be infected with unremovable malware

Servers running on motherboards sold by Supermicro contain high-severity vulnerabilities that can allow hackers to remotely install malicious firmware that runs even before the operating system, making infections impossible to detect or remove without unusual protections.

One of the two vulnerabilities is the result of an incomplete patch that Supermicro released in January, said Alex Matrosov, founder and CEO of Binarly, the security firm that discovered it. He said the insufficient fix was intended to patch CVE-2024-10237, a high-severity vulnerability that allowed attackers to reflash firmware that runs while a machine is booting. Binarly discovered a second critical vulnerability that allows the same attack.

“Unprecedented persistence”

Such vulnerabilities can be used to install firmware similar to ILObleed, an implant discovered in 2021 in which HP Enterprise servers were infected with firmware that permanently destroyed the data stored on hard drives. Even after administrators reinstalled the operating system, swapped out hard drives, or took other common disinfection steps, ILObleed would remain intact and reactivate the disk-wiping attack. The exploit that the attackers used in that campaign had been patched by HP four years earlier, but the patch was not installed on the compromised devices.

“Both problems provide unprecedented persistence power across significant Supermicro device fleets, including [in] AI data centers,” Matrosov wrote to Ars in an online interview, referring to the two latest vulnerabilities Binarly discovered. “After they fixed [the earlier vulnerability], we looked at the remaining part of the attack surface and found even worse security problems.”

The two new vulnerabilities, tracked as CVE-2025-7937 and CVE-2025-6198, reside in silicon soldered onto the Supermicro motherboards that run servers inside data centers. Baseboard management controllers (BMCs) allow administrators to remotely perform tasks such as installing updates, monitoring hardware temperatures, and setting fan speeds accordingly. BMCs also enable some of the most sensitive operations, such as reflashing the firmware for the UEFI (Unified Extensible Firmware Interface), which is responsible for loading the server OS at boot. BMCs provide these capabilities and more, even when the servers they are connected to are turned off.
