Server Hardware Flaw Unpatched for Years Leaves Data Vulnerable
-
Vulnerable open source software went unfixed for years in server hardware BMCs made by multiple manufacturers.
-
Affected hardware was sold by Intel, Lenovo, and Supermicro containing the vulnerability.
-
Exploiting the flaw makes it possible to bypass memory protections like ASLR.
-
Intel and Lenovo hardware will never get fixes since the products are EOL.
-
The vulnerability allows sensitive data exfiltration and reading server memory contents.