Intel pakuchotsa ziwopsezo za 22 mu firmware ya ma boardboard ake a seva, makina a seva ndi ma module apakompyuta. Zofooka zitatu, chimodzi mwazomwe zimayikidwa mulingo wovuta, ( - CVSS 9.6, - CVSS 8.3, CVSS 4.7) mu firmware ya Emulex Pilot 3 BMC controller yomwe imagwiritsidwa ntchito muzinthu za Intel. Zofookazo zimalola mwayi wosatsimikizika ku remote management console (KVM), kuletsa kutsimikizika potengera zida zosungiramo USB, ndikupangitsa kuti remote buffer ichuluke mu kernel yomwe imagwiritsidwa ntchito mu BMC. Linux.
Chiwopsezo cha CVE-2020-8708 chimalola wowukira wosavomerezeka kuti azitha kupeza gawo lodziwika bwino lapaintaneti ndi seva yomwe ili pachiwopsezo kuti athe kupeza malo owongolera a BMC. Zikudziwika kuti njira yogwiritsira ntchito chiwopsezo ndi yosavuta komanso yodalirika, chifukwa vutoli limayamba chifukwa cha zolakwika za zomangamanga. Komanso, malinga ndi Wofufuzayo atazindikira chiwopsezocho, kugwira ntchito ndi BMC pogwiritsa ntchito masuku pamutu ndikosavuta kuposa kugwiritsa ntchito kasitomala wamba wa Java. Zina mwa zida zomwe zakhudzidwa ndi vutoli ndi mabanja a ma seva a Intel R1000WT, R2000WT, R1000SP, LSVRP, LR1304SP, R1000WF ndi R2000WF, ma boardards S2600WT, S2600CW, S2600KP, S2600SPST, S1200SP2600SP, S2600TP, S2600TP, S2600TP, S2600SP2600TP, S1.59TP, SXNUMXSPXNUMXTP, SXNUMXTP, SXNUMXTP, SXNUMXSPXNUMXTP, SXNUMXTP, SXNUMXTP, SXNUMXTP, SXNUMXTP, SXNUMXTP, SXNUMXTP, SXNUMXTP, SXNUMXTP, SXNUMXTP, SXNUMXTP, SXNUMXSP. XNUMX XNUMXBP, komanso makompyuta magawo HNSXNUMXKP, HNSXNUMXTP ndi HNSXNUMXBP. Zowonongeka zidakhazikitsidwa mukusintha kwa firmware XNUMX.
Malinga ndi unofficial Firmware ya BMC Emulex Pilot 3 inalembedwa ndi AMI, kotero Mavutowa amaonekeranso pamakina ochokera kwa opanga ena. Mavutowa amapezeka m'magawo akunja a kernel. Linux ndi njira yowongolera malo ogwiritsira ntchito omwe ma code ake amadziwika ndi wofufuza yemwe adapeza vutoli ngati ma code oyipa kwambiri omwe adakumanapo nawo.
Tiyeni tikumbukire kuti BMC ndi woyang'anira wapadera woikidwa m'maseva, omwe ali ndi CPU yake, kukumbukira, kusungirako ndi mavoti opangira ma sensor, omwe amapereka mawonekedwe otsika kwambiri poyang'anira ndi kuyang'anira zida za seva. Pogwiritsa ntchito BMC, mosasamala kanthu za makina ogwiritsira ntchito pa seva, mukhoza kuyang'anira momwe masensa amachitira, kuyang'anira mphamvu, firmware ndi ma disks, kukonzekera kuthamangitsidwa kwakutali pa intaneti, kuonetsetsa kuti makina olowera kutali akugwira ntchito, ndi zina zotero.
Source: opennet.ru
