zlacker

[return to "Supermicro server motherboards can be infected with unremovable malware"]
1. kj4ips+FVa[view] [source] 2025-09-28 16:14:13
>>zdw+(OP)
Do we know if this is also the case for other systems that use Aspeed/ami BMCs, or if the key pair in question is exclusive to SM?
◧◩
2. buildb+90b[view] [source] 2025-09-28 16:41:10
>>kj4ips+FVa
Yes it is.

Supermicro is one of the only vendors that tries to prevent this attack at all through RoT.

Other vendors you can flash whatever unsigned firmware you want. It’s very useful for adding in microcode for intel engineering samples, or malware…

◧◩◪
3. gpapil+lKc[view] [source] 2025-09-29 11:36:42
>>buildb+90b
This is not true. Almost all firmware is signed by every vendor, and there are standards from Intel and amd on implementation of code signing.

Look up Intel pfr.

[go to top]