+1-415-954-2800 Support

Penguin Computing™ Statement on Eclypsium Reporting of Vulnerable Firmware in Enterprise Servers

BMC vulnerabilities on ASpeed platform with MergePoint EMS by Avocent (now Vertiv)

Potential Impact: Information disclosure

Severity: Medium

Summary Description

Eclypsium researchers identified a firmware vulnerability on ASpeed BMC based platform with firmware from MergePoint EMS, by Avocent (now Vertiv) according to a published report.

With administrative privilege, two specific vulnerabilities were found in the BMC firmware would allow an attacker make persistent and malicious modification to the BMC firmware.

  1. The BMC firmware update process for MergePoint EMS does not perform cryptographic signature verification before accepting updates and writing the contents to SPI flash.
  2. The code in the BMC that performs the firmware update process itself contains a command injection vulnerability

Mitigation Strategy for Customers (i.e. what you should do to protect yourself)

Update to the firmware level (or later) described for your system in the Product Impact section.
If it is not feasible to update the firmware immediately, partial protection can be achieved by access control for users with administrative privileges.

Acknowledgement

Penguin Computing would like to thank Gigabyte and Eclypsium for reporting on this issue.

Product Impact

SERVER MODELSFILENAMECHECKSUM (MD5)HOW TO OBTAIN FILE:
Relion XE1112189.bina36b6110347ba3628c0654aefe9089ee[email protected]
Relion XE2112189.bina36b6110347ba3628c0654aefe9089ee[email protected]
Relion XE2142 (BMC)189.bina36b6110347ba3628c0654aefe9089ee[email protected]
Relion XE2142 (CMC133.bin036794fa7e6d8e03d70fc47af5c9598b[email protected]
Relion XE4112189.bina36b6110347ba3628c0654aefe9089ee[email protected]
Relion XE1114GT189.bina36b6110347ba3628c0654aefe9089ee[email protected]
Relion XE2112GT189.bina36b6110347ba3628c0654aefe9089ee[email protected]
Relion XE2118GT189.bina36b6110347ba3628c0654aefe9089ee[email protected]
Relion XE4118GT189.bina36b6110347ba3628c0654aefe9089ee[email protected]
Relion XE4118GTS189.bina36b6110347ba3628c0654aefe9089ee[email protected]
Relion XO1132g189.bina36b6110347ba3628c0654aefe9089ee[email protected]
Altus XE1111189.bina36b6110347ba3628c0654aefe9089ee[email protected]
Altus XE2111189.bina36b6110347ba3628c0654aefe9089ee[email protected]

Revision History

REVISIONDATEDESCRIPTION
12019-07-19Initial Release

SUPPORT PORTAL

Login to open a case or get documentation

CALL US
General questions:
1-415-954-2800
Tech support: 
1-415-954-2800

EMAIL US
Tech support:
[email protected]
RMA requests or status:
[email protected]
POD HPC Cloud Support:
[email protected]