Authentication Bypass Vulnerability in AMI's SPx Management Controller
CVE-2024-54085
Key Information:
- Vendor: AMI
- Status
- Vendor
- CVE Published: 11 March 2025
What is CVE-2024-54085?
CVE-2024-54085 is an authentication bypass vulnerability in AMI's SPx Management Controller, a product used to manage server hardware that provides a crucial interface for systems management. The vulnerability allows an attacker to remotely bypass authentication via the Redfish Host Interface, significantly threatening the security posture of organizations using this technology. If exploited, it could lead to severe breaches of the confidentiality, integrity, and availability of critical systems and data.
Technical Details
The vulnerability exists within the Baseboard Management Controller (BMC) component of AMI's SPx Management Controller. Specifically, the flaw permits remote authentication bypass, meaning that unauthorized users can access management functions without going through the proper authentication process. This undermines the security mechanisms designed to protect sensitive hardware management operations.
Potential Impact of CVE-2024-54085
- Loss of Confidentiality: Successful exploitation could provide attackers access to sensitive information stored or processed by the management interface, leading to potential data leaks.
- Integrity Compromise: Attackers could alter or manipulate system settings and configurations without authorization, risking the reliability and accuracy of managed systems.
- Availability Threat: An attacker gaining access to the management controller could disrupt service availability, potentially leading to downtime or service outages that affect business operations.
Affected Version(s)
MegaRAC-SPx 12.0 < 12.7
MegaRAC-SPx 13.0 < 13.5
News Articles
ASUS releases fix for AMI bug that lets hackers brick servers
ASUS has released security updates to address CVE-2024-54085, a maximum severity flaw that could allow attackers to hijack and potentially brick servers.
Security vulnerability with maximum risk level in remote server maintenance
Ethernet ports for remote maintenance do not belong on the public network, as a current security vulnerability impressively demonstrates.
Critical AMI MegaRAC bug can let attackers hijack, brick servers
A new critical severity vulnerability found in American Megatrends International's MegaRAC Baseboard Management Controller (BMC) software can let attackers hijack and potentially brick vulnerable servers.
Timeline
- Used in Ransomware
- Exploit known to exist
- First article discovered by SecurityWeek
- Vulnerability published
- Vulnerability Reserved