Current security vulnerabilities. How to master IT threats - Starline Computer: Storage und Server Lösungen von erfahrenen Experten

Information about current security vulnerabilities

We would like to keep you informed about acute IT threats. At this point we will inform you about emerging threats in a timely manner.

On the threat situation in IT systems

Through regular updates and patches, you can effectively protect yourself against security gaps. Our technicians are in constant contact with our suppliers. This enables us to inform you about possible threats at an early stage and to show you which products are vulnerable and for which updates are already available.

However, some security gaps only become apparent when they are already being exploited by criminals. Then it is important to act quickly to ensure that your data remains safe. This is where we would like to inform you about current bug fixes, hot fixes, additional components and patches. Here you will also find links that lead you to the necessary updates if you need to apply an important patch immediately.

Vulnerabilities found: Server vulnerable via IPMI over the Internet

What to do about Supermicro's IPMI vulnerability?

On September 26, 2023, security researchers from Binarly published seven vulnerabilities in Supermicro's IPMI firmware. Because the management interface IPMI allows servers to be controlled and configured remotely, these vulnerabilities are considered critical. The vulnerabilities in Supermicro's IPMI firmware affect a wide range of the manufacturer's servers, including models from the latest series (X11, H11, B11, M11, H12)

These security vulnerabilities can lead to a number of problems, including:

  • Data loss
  • Theft of sensitive data
  • Denial of service attacks
  • Malicious code installation

The vulnerability described in CVE-2023-40289 provides attackers with the ability to read administrator passwords of the BMC chip. The BMC chip is a small microcontroller soldered to the server's motherboard. It is responsible for the basic functions of the server, such as starting it remotely and shutting it down.

Via CVE-2023-40290, attackers can execute arbitrary commands on the BMC chip. This could be used to take over the server or install malicious code.

Supermicro has released security updates for the affected servers. Administrators should install these updates as soon as possible to protect their systems.

As a precaution, we recommend:

  • Install Supermicro security updates as soon as possible.
  • Connect the IPMI Interface to a management network to which only authorized persons have access.
    > If this is not possible, connect the IPMI Interface to a network that is secured by a firewall.
    > If this is also not possible, you should restrict access to specific IP addresses in the network settings.
  • Unplug the IPMI port if you do not need IPMI.
  • Use a strong password for the BMC chip.

Best security practices for managing servers with BMC features enabled in data centers.


Additional info:

https://www.supermicro.com/en/support/security_BMC_IPMI_Oct_2023

https://binarly.io/posts/Binarly_REsearch_Uncovers_Major_Vulnerabilities_in_Supermicro_BMCs/index.html

 

 

Older vulnerabilities

ProductNameShort nameNecessary measures
Veeam Backup & Replication | 9.5 | 10 | 11/ KB ID 4288: CVE-2022-26500 | CVE-2022-26501Patch 10a, Patch 11a
    
    
KB
Konrad Beyer
Technical Support

Our technical manager has a comprehensive knowledge of all storage and server topics.

starline_logo_kontur_300
Enterprise Storage Solutions Team
Technik

Our experts are of course also experts in Linux, Ceph and ZFS