
Critical BMC Bug Could Let Attackers Brick Your Cloud or Hosting Servers

johny899

Imagine the essential servers behind your website, enterprise, or cloud service going offline one day. You try restarting, debugging, calling technical support. Nothing fixes it. That is what this new BMC bug can accomplish. It is a debilitating bug that ruins your server, and not in a way you can repair.

So, What Is a BMC and Why Should You Care?

A BMC (Baseboard Management Controller) is a small helper chip on your server. It enables you to control things such as power, updates, and settings, even when your machine is off. It is very convenient, especially for those who manage servers remotely.

But here is the worst part: a new bug on this chip allows hackers to take control. And worse still? They can take your server completely offline, and you won't even be able to turn it on.

What's So Terrifying about This Bug?

This is what we know:

  • It can erase your server's hardware—not only software.
  • You can't patch it remotely—not even with wizardry.
  • It can be broken into from the internet if you haven't locked it down.
  • It's simple to recall—until your server's already busted.

How Does the Attack Work?

This is what hackers take advantage of:

  • They Google your BMC on the internet (some people don't lock it away).
  • They use the vulnerability to break in.
  • They place malicious code or send specific instructions.
  • That thoroughly ruins the chip so it won't reboot.

When that happens, your server is basically toast. You'll be forced to replace parts or even the whole system.

Who Should Care?

If you have servers from suppliers such as Supermicro, ASRock, or legacy HP and Dell hardware, you might be affected by this bug.

Some people even found thousands of BMCs exposed on the internet, just waiting for hackers to come by and take advantage of them.

What Can You Do Now?

Don't worry, just do the following:

  • Make sure your BMC isn't connected to the internet.
  • Update firmware (essentially, updating chip software).
  • Use strong passwords.
  • Segregate your BMC onto a private network, so hackers aren't able to get to it.
  • Keep an eye out for suspicious activity, such as someone accessing your BMC without authorisation.

Some IT people are even temporarily turning off BMCs until they can patch them. That's probably a good idea if you're unsure.
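The "not connected to the internet" and "private network" steps above can be checked against an inventory. The Python sketch below is an added example, not part of the original post; the server names, addresses and firewall rules are constructed, and the policy it checks (one management subnet, reachable only from one admin subnet) is an assumption.

```python
import ipaddress as ip

# Assumed site policy (hypothetical values): BMCs live only in MGMT_NET,
# and only ADMIN_NET (jump hosts / VPN) may reach that network.
MGMT_NET = ip.ip_network("10.20.0.0/24")
ADMIN_NET = ip.ip_network("10.30.0.0/28")

# Constructed inventory: server name -> BMC address.
BMC_INVENTORY = {
    "web-01": "10.20.0.11",
    "db-01": "10.10.4.7",        # sits on the production LAN
    "edge-01": "203.0.113.40",   # documentation-range stand-in for a public IP
}

# Constructed firewall allow rules: (source CIDR, destination CIDR, port).
ALLOW_RULES = [
    ("10.30.0.0/28", "10.20.0.0/24", 443),   # admin subnet to BMC web UI
    ("0.0.0.0/0", "10.20.0.0/24", 623),      # IPMI port open to any source
    ("10.10.0.0/16", "10.10.0.0/16", 22),    # unrelated to the BMC network
]

def misplaced_bmcs(inventory, mgmt_net=MGMT_NET):
    """Return names of servers whose BMC address is outside the management network."""
    return sorted(name for name, addr in inventory.items()
                  if ip.ip_address(addr) not in mgmt_net)

def risky_rules(rules, mgmt_net=MGMT_NET, admin_net=ADMIN_NET):
    """Return allow rules that reach the management network from outside the admin network."""
    findings = []
    for src, dst, port in rules:
        src_net, dst_net = ip.ip_network(src), ip.ip_network(dst)
        # A rule matters if its destination touches the BMC network at all;
        # it is risky if its source is anything wider than the admin subnet.
        if dst_net.overlaps(mgmt_net) and not src_net.subnet_of(admin_net):
            findings.append((src, dst, port))
    return findings

if __name__ == "__main__":
    for name in misplaced_bmcs(BMC_INVENTORY):
        print(f"BMC outside management network: {name} ({BMC_INVENTORY[name]})")
    for src, dst, port in risky_rules(ALLOW_RULES):
        print(f"Rule exposes BMC network: {src} -> {dst} port {port}")
```

Replace the constructed inventory and rules with an export from your own asset database and firewall to run the same two checks on real data.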
 