Go offline with the Player FM app!
Flagging firmware vulnerabilities. [Research Saturday]
Manage episode 353738626 series 112238
Roya Gordon from Nozomi Networks sits down with Dave to discuss their research on "Vulnerabilities in BMC Firmware Affect OT/IoT Device Security." Researchers at Nozomi Networks has revealed that there are thirteen vulnerabilities that affect BMCs of Lanner devices based on the American Megatrends (AMI) MegaRAC SP-X.
The research states "By abusing these vulnerabilities, an unauthenticated attacker may achieve Remote Code Execution (RCE) with root privileges on the BMC, completely compromising it and gaining control of the managed host." As well as mentioning what patches could be in the future to help fix these vulnerabilities.
The research can be found here:
2889 episodes
Manage episode 353738626 series 112238
Roya Gordon from Nozomi Networks sits down with Dave to discuss their research on "Vulnerabilities in BMC Firmware Affect OT/IoT Device Security." Researchers at Nozomi Networks has revealed that there are thirteen vulnerabilities that affect BMCs of Lanner devices based on the American Megatrends (AMI) MegaRAC SP-X.
The research states "By abusing these vulnerabilities, an unauthenticated attacker may achieve Remote Code Execution (RCE) with root privileges on the BMC, completely compromising it and gaining control of the managed host." As well as mentioning what patches could be in the future to help fix these vulnerabilities.
The research can be found here:
2889 episodes
Усі епізоди
×Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.