zlacker

[return to "Supermicro server motherboards can be infected with unremovable malware"]
1. SoftTa+K5b[view] [source] 2025-09-28 17:22:44
>>zdw+(OP)
"If a potential attacker already has administrative access to the BMC..."

Then you've already lost.

The BMC needs to be ideally on a physically isolated network, or at least a separate one that has no route from the outside nor on the machine itself.

◧◩
2. perchi+KFb[view] [source] 2025-09-28 21:41:09
>>SoftTa+K5b
I don't work with physical servers, so this is a gap in my knowledge. Isn't it the entire purpose of BMCs to allow for remote management?

So you'd definitely have to have it connected to the internet somehow, even if very indirectly, and in an independent manner (different network with no direct routes).

[go to top]