Baseboard management controller vulnerabilities, misconfigurations, and exploitation: a case study of Supermicro X11-based BMC security
Pellinen, Ahti (2023)
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2023121136056
https://urn.fi/URN:NBN:fi:amk-2023121136056
Tiivistelmä
The baseboard management controllers (BMCs) are highly privileged hardware components connected to
server motherboards, powering society's information technology infrastructure. The ever-increasing threat
of opportunistic and targeted cyber-attacks requires organizations to adapt and secure their infrastructure,
as previous research has found BMCs to be vulnerable and exploitable by cyber attackers.
The premise of the previous research laid foundations to perform a case study and a deep dive into a single
BMC-enabled server motherboard: the Super Micro Controller Inc. manufactured M11SDV-8C+-LN4F. A
case study allowed the research to focus on a naturally limited research scope, providing an in-depth un-
derstanding of possible vulnerabilities, exploitation vectors, and common misconfigurations of these de-
vices and their deployment scenarios using gray-box software assessment methodology and documenta-
tion reviews. Objectively, a case study provided a way to conduct vulnerability research and identify
actionable remediation vectors to limit the exploitability of the controllers.
The main findings include the identification of high-severity software vulnerabilities tracked with common
vulnerability enumeration identifiers CVE-2023-33411, CVE-2023-33412, and CVE-2023-33413. Additionally,
the internet exposure of the baseboard management controllers and exploitation attempts were assessed
with search engine queries and active honeypot systems. Finally, the research provided an outline for sev-
eral living-on-the-land types of attack and exploitation scenarios affecting the baseboard management con-
trollers deployed in both ignorant and best practices conforming deployments
server motherboards, powering society's information technology infrastructure. The ever-increasing threat
of opportunistic and targeted cyber-attacks requires organizations to adapt and secure their infrastructure,
as previous research has found BMCs to be vulnerable and exploitable by cyber attackers.
The premise of the previous research laid foundations to perform a case study and a deep dive into a single
BMC-enabled server motherboard: the Super Micro Controller Inc. manufactured M11SDV-8C+-LN4F. A
case study allowed the research to focus on a naturally limited research scope, providing an in-depth un-
derstanding of possible vulnerabilities, exploitation vectors, and common misconfigurations of these de-
vices and their deployment scenarios using gray-box software assessment methodology and documenta-
tion reviews. Objectively, a case study provided a way to conduct vulnerability research and identify
actionable remediation vectors to limit the exploitability of the controllers.
The main findings include the identification of high-severity software vulnerabilities tracked with common
vulnerability enumeration identifiers CVE-2023-33411, CVE-2023-33412, and CVE-2023-33413. Additionally,
the internet exposure of the baseboard management controllers and exploitation attempts were assessed
with search engine queries and active honeypot systems. Finally, the research provided an outline for sev-
eral living-on-the-land types of attack and exploitation scenarios affecting the baseboard management con-
trollers deployed in both ignorant and best practices conforming deployments