Remote vulnerability in Intel server boards with the Emulex Pilot 3 BMC

Intel has reported fixing 22 vulnerabilities in the firmware of its server motherboards, server systems and compute modules. Three of the vulnerabilities, one of which is rated critical (CVE-2020-8708 - CVSS 9.6, CVE-2020-8707 - CVSS 8.3, CVE-2020-8706 - CVSS 4.7), are in the firmware of the Emulex Pilot 3 BMC controller used in Intel products. They allow unauthenticated access to the remote management console (KVM), an authentication bypass when emulating USB storage devices, and a remote buffer overflow in the Linux kernel used in the BMC.

CVE-2020-8708 allows an unauthenticated attacker who has access to the same local network segment as the vulnerable server to gain access to the BMC management environment. The technique for exploiting the vulnerability is noted to be very simple and reliable, because the problem is caused by an architectural error. Moreover, according to the researcher who identified the vulnerability, working with the BMC through the exploit is much more convenient than using the standard Java client. Affected hardware includes the Intel server system families R1000WT, R2000WT, R1000SP, LSVRP, LR1304SP, R1000WF and R2000WF, the motherboards S2600WT, S2600CW, S2600KP, S2600TP, …, and the compute modules HNSXNUMXKP, HNSXNUMXTP and HNSXNUMXBP. The vulnerabilities were fixed in firmware update XNUMX.

According to unofficial information, the firmware for the Emulex Pilot 3 BMC was written by AMI, so it cannot be ruled out that the vulnerabilities also affect systems from other manufacturers. The problems are in out-of-tree patches to the Linux kernel and in the user-space management process, whose code the researcher who identified the problem described as the worst code he had ever encountered.

Recall that a BMC is a specialized controller installed in servers, with its own CPU, memory, storage and sensor polling interfaces, which provides a low-level interface for monitoring and managing server hardware. Using the BMC, regardless of the operating system running on the server, you can monitor sensor status, manage power, firmware and disks, set up remote boot over the network, provide a remote access console, and so on.

Source: opennet.ru
