Anyone who has used PCs for a long time has probably seen American Megatrends International (AMI) messages at system startup. AMI is a leading supplier of BIOS and UEFI software, and many PCs and servers use controller software provided by AMI.
AMI recently issued an advisory disclosing a high-risk security vulnerability in its MegaRAC baseboard management controller (BMC) software. The vulnerability is tracked as CVE-2024-54085 and has a CVSS score of 10/10, which underlines how much harm it can cause.
According to the description, CVE-2024-54085 can be exploited remotely and can lead to malware infection, firmware tampering, and irreversible physical damage to the motherboard through overvoltage. Motherboard manufacturers that use AMI software are gradually releasing updates to fix the vulnerability.

Below is a detailed description of this vulnerability:
A local or remote attacker could exploit this vulnerability by accessing the Redfish remote management interface or the BMC interface of an internal host. A successful exploit could allow the attacker to remotely take control of the affected server, deploy malware or ransomware, tamper with firmware, corrupt motherboard components (the BMC or potentially BIOS/UEFI), cause potential physical damage to the server, and trigger reboot loops.
ASUS recently released updates that fix the vulnerability on four affected motherboards:
PRO WS W790E-SAGE SE – v1.1.57: https://www.asus.com/motherboards-components/motherboards/workstation/pro-ws-w790e-sage-se/helpdesk_bios?model2Name=Pro-WS-W790E-SAGE-SE
PRO WS W680M-ACE SE – v1.1.21: https://www.asus.com/motherboards-components/motherboards/workstation/pro-ws-w680m-ace-se/helpdesk_bios?model2Name=Pro-WS-W680M-ACE-SE
PRO WS WRX90E-SAGE SE – v2.1.28: https://www.asus.com/motherboards-components/motherboards/workstation/pro-ws-wrx90e-sage-se/helpdesk_bios?model2Name=Pro-WS-WRX90E-SAGE-SE
Pro WS WRX80E-SAGE SE WIFI – v1.34.0: https://www.asus.com/motherboards-components/motherboards/workstation/pro-ws-wrx80e-sage-se-wifi/helpdesk_bios?model2Name=Pro-WS-WRX80E-SAGE-SE-WIFI
If the PC or server you are using has one of the ASUS motherboards listed above, you should download the firmware update immediately and upgrade manually. The upgrade method is as follows: after downloading the BMC firmware in ima format, open the BMC web interface, go to Maintenance, then Firmware Update, select the ima file, and click to start the firmware update. AMI recommends that users check the full refresh option so that the firmware is upgraded completely.
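To find which machines still need the update, the BMC firmware version each one reports can be compared with the fixed versions listed above. The following Python code is an added example, not code from AMI or ASUS. It assumes an inventory has already been exported with the board name in `Model` and the BMC firmware in `FirmwareVersion` (field names from the Redfish Manager schema), that the listed versions are what the BMC reports, and that any equal or higher version contains the fix; the host names and sample values are constructed.

```python
import json

# Fixed BMC firmware versions per board, copied from the ASUS list in the article.
FIXED = {
    "PRO WS W790E-SAGE SE": "1.1.57",
    "PRO WS W680M-ACE SE": "1.1.21",
    "PRO WS WRX90E-SAGE SE": "2.1.28",
    "PRO WS WRX80E-SAGE SE WIFI": "1.34.0",
}

# Constructed sample inventory (hypothetical hosts). Assumption: one record per
# BMC, exported beforehand, with the board name stored in "Model".
SAMPLE = json.loads("""
{
  "bmc-ws01.example.internal": {"Model": "Pro WS W790E-SAGE SE", "FirmwareVersion": "1.1.57"},
  "bmc-ws02.example.internal": {"Model": "Pro WS WRX90E-SAGE SE", "FirmwareVersion": "v2.1.9"},
  "bmc-ws03.example.internal": {"Model": "Pro WS WRX80E-SAGE SE WIFI", "FirmwareVersion": "1.34.0"},
  "bmc-ws04.example.internal": {"Model": "Pro WS W680M-ACE SE", "FirmwareVersion": ""},
  "bmc-srv05.example.internal": {"Model": "Other Board", "FirmwareVersion": "3.2.0"}
}
""")

def parse_version(text):
    """Turn 'v1.1.57' into (1, 1, 57) so versions compare numerically."""
    return tuple(int(part) for part in text.strip().lstrip("vV").split("."))

def audit(inventory):
    """Map each host to 'patched', 'needs-update', 'unknown-version' or 'not-listed'."""
    results = {}
    for host, doc in inventory.items():
        fixed = FIXED.get(str(doc.get("Model", "")).strip().upper())
        if fixed is None:
            results[host] = "not-listed"       # board is not in the article's list
            continue
        try:
            current = parse_version(str(doc.get("FirmwareVersion", "")))
        except ValueError:
            results[host] = "unknown-version"  # empty or non-numeric: check by hand
            continue
        results[host] = "patched" if current >= parse_version(fixed) else "needs-update"
    return results

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```

The comparison is numeric on purpose: as plain strings, "2.1.9" sorts after "2.1.28" and an outdated BMC would be reported as patched.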
Why is the release date of the BMC firmware above in March? Is this firmware up to date?
The firmware above is the latest version. For security reasons, OEMs usually release the firmware first and disclose the vulnerabilities only after a delay. This prevents hackers from reverse engineering the firmware to find the vulnerabilities and then launching targeted attacks while most users have not yet upgraded.
Note: The four motherboards above are all high-performance boards used in ASUS workstation equipment. It is not clear whether ASUS or other motherboard manufacturers have ordinary consumer-grade motherboards equipped with AMI software. Users are advised to watch their motherboard manufacturer's website for updated information.