CVE-2024-54085 - Geek Feed

CISA: AMI MegaRAC bug enabling server hijacks exploited in attacks

June 29, 2025June 29, 2025 geekfeed0Tagged Actively Exploited, American Megatrends International, AMI, Authentication Bypass, CISA, CVE-2024-54085, MegaRAC

CISA has confirmed that a maximum severity vulnerability in AMI’s MegaRAC Baseboard Management Controller (BMC) software is now actively exploited in attacks. The MegaRAC BMC firmware provides remote system management capabilities for troubleshooting servers without being physically present, and it’s used by several vendors (including HPE, Asus, and ASRock) that supply equipment to cloud service […]

2 mins read

ASUS releases fix for AMI bug that lets hackers brick servers

April 25, 2025April 25, 2025 geekfeed0Tagged ASUS, Bricked, CVE-2024-54085, firmware, hardware, motherboard, vulnerability

ASUS has released security updates to address CVE-2024-54085, a maximum severity flaw that could allow attackers to hijack and potentially brick servers. The flaw impacts American Megatrends International’s MegaRAC Baseboard Management Controller (BMC) software, used by over a dozen server hardware vendors, including HPE, ASUS, and ASRock. The CVE-2024-54085 flaw is remotely exploitable, potentially leading to malware […]

2 mins read