zlacker

[return to "Supermicro server motherboards can be infected with unremovable malware"]
1. dlcarr+3Va[view] [source] 2025-09-28 16:11:28
>>zdw+(OP)
Unremovable through remote access, but reliably removed by reflashing the firmware through JTAG, or whatever interface used during manufacturing to initially load the firmware.
◧◩
2. vetrom+I7b[view] [source] 2025-09-28 17:35:29
>>dlcarr+3Va
bios flashes are typically preflashed prior to soldering to boards -- some vendors route jtag or spi contacts, but you're more likely to need a vampire/pogo clip on for the TSOP or equivalent chip, or have fun with resoldering the bios flash if you're needing to recover from this.

It's not impossible to do in the field, but you can't really count on vendors surfacing that interface usually.

◧◩◪
3. bpye+0eb[view] [source] 2025-09-28 18:23:53
>>vetrom+I7b
Do any server boards still socket the BIOS flash?
◧◩◪◨
4. arianv+vlb[view] [source] 2025-09-28 19:22:15
>>bpye+0eb
Yes ASRock Rack has socketed bios and BMC flash. At least on their Ampere motherboards
[go to top]