back to article Some potential: How bad software updates could over-volt, brick remote servers

Presenting at Black Hat Asia 2023, two infosec researchers detailed how remote updates can be exploited to modify voltage on a Supermicro motherboard and remotely brick machines. The duo behind the discovery, both at the University of Birmingham in England, like to play around with voltage. They were already known for …

  1. _Elvi_

    .. UUmmm ..

    Lets see.

    if the evil ones can break into your datacenter, break the lock off the rack, break the lock off the server bezel, slide it out.. they could do damage to a system board.

    RIGHT.. I'm on it ..

    "MEMO: Attention all datacenter employees .... "

    1. diodesign (Written by Reg staff) Silver badge

      "if the evil ones can break into your datacenter"

      Yeah but in this case, they don't need physical access. They still need high privileges, like root, so as we've said, it's for people who want to cause chaos, not just exfiltrate data.

      C.

  2. rcxb Silver badge

    Access to BMC

    The new power management fault, or PMFault, can be carried out by a privileged software adversary who doesn't have access to Board Management Controller (BMC) login credentials.

    Help me out here... A priv user typically has access to reset the BMC credentials to anything they want.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like