CVE-2024-54085
Redfish Authentication Bypass
In short
A vulnerability in AMI's SPx BMC allows attackers to bypass authentication on the Redfish interface without logging in, potentially giving them full access to the system's sensitive functions and data.
Technical detail
The vulnerability exists in AMI SPx's Baseboard Management Controller (BMC) Redfish Host Interface implementation, allowing remote attackers to circumvent authentication mechanisms. Successful exploitation grants unauthorized access to BMC functions, potentially compromising confidentiality, integrity, and availability of the managed system.
Summary generated and translated by AI from the official description.
AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Affected products
AMI · MegaRAC-SPx
Public PoCs found — 1
github.com/Mr-Zapi/CVE-2024-54085 (★ 2)
Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
https://arstechnica.com/security/2025/06/active-exploitation-of-ami-management-tool-imperils-thousands-of-servers/
https://eclypsium.com/blog/bmc-vulnerability-cve-2024-05485-cisa-known-exploited-vulnerabilities/
https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025003.pdf
https://nvd.nist.gov/vuln/detail/CVE-2024-54085
https://security.netapp.com/advisory/ntap-20250328-0003/
https://www.bleepingcomputer.com/news/security/cisa-ami-megarac-bug-that-lets-hackers-brick-servers-now-actively-exploited/
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-54085
https://www.networkworld.com/article/4013368/ami-megarac-authentication-bypass-flaw-is-being-exploitated-cisa-warns.html