BMC flaw left unchecked for 6 years hits Intel and Lenovo servers

The lack of communication that happened six years ago resulted in thousands of devices being vulnerable to a remotely exploitable heap out-of-bounds (OOB) read vulnerability – today. Among the vulnerable devices are Intel and Lenovo servers.

Here is what happened: Six years ago, the maintainers of Lighttpd discovered the above-mentioned flaw, which could allow threat actors to exfiltrate process memory addresses. That, in turn, could have been used to work around protection mechanisms. 

Source Article Link

Leave a Comment