In a startling revelation, it has come to light that a vulnerability lurking within Baseboard Management Controllers (BMCs) for nearly six years has put Intel servers at risk, potentially compromising sensitive data. This oversight extends to renowned device vendors, including industry giants Intel and Lenovo.

The vulnerability, stemming from the Lighttpd web server used in BMCs, poses a significant threat by enabling the disclosure of process memory addresses. Attackers could use such a leak to circumvent crucial protection mechanisms such as Address Space Layout Randomization (ASLR), raising serious concerns about data security.
Lighttpd, renowned for its lightweight and efficient nature, is favoured for high-traffic websites because it minimizes system resource consumption. However, recent scans conducted by the firmware security firm Binarly uncovered a remotely exploitable heap out-of-bounds (OOB) read vulnerability in the Lighttpd server, specifically in its handling of "folded" HTTP request headers.
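To make the term "folded" header concrete, the following is an added illustration (it is not Lighttpd's code, and it makes no claim about the exact location of the Lighttpd bug): a folded header is a header value continued on the next line by starting that line with a space or tab (the "obs-fold" of RFC 7230). A server that concatenates such continuation lines into a buffer has to track lengths carefully, which is the kind of code path where an out-of-bounds read can arise. The parser below unfolds headers in pure Python and enforces explicit size limits; the request, the limits, and the `HeaderError` type are constructed for this example.

```python
"""Illustration of RFC 7230 "obs-fold" (folded) HTTP header lines.

Added example, not Lighttpd's code: parses a constructed request head,
joins folded continuation lines to the preceding header value, and
rejects oversized input with explicit, clearly stated limits.
"""
from typing import Dict, Optional, Tuple

MAX_HEADER_LINE = 8192      # assumed per-line limit for this example
MAX_TOTAL_HEADERS = 65536   # assumed limit for the whole request head


class HeaderError(ValueError):
    """Raised for malformed or oversized request heads (example-specific)."""


def parse_headers(raw: bytes) -> Tuple[str, Dict[str, str]]:
    """Parse a raw HTTP/1.1 request head into (request_line, headers).

    A line beginning with SP or HTAB is an obs-fold continuation of the
    previous header; RFC 7230 section 3.2.4 says a recipient that accepts
    it must replace the fold with a single space before interpreting the
    value. Header names are lower-cased; repeated names are joined with
    ", " as RFC 7230 section 3.2.2 allows for list-valued fields.
    """
    if len(raw) > MAX_TOTAL_HEADERS:
        raise HeaderError("request head too large")
    head, sep, _body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise HeaderError("request head not terminated by CRLF CRLF")
    lines = head.split(b"\r\n")
    request_line = lines[0].decode("ascii")
    headers: Dict[str, str] = {}
    current_name: Optional[str] = None
    for line in lines[1:]:
        if len(line) > MAX_HEADER_LINE:
            raise HeaderError("header line too long")
        if line[:1] in (b" ", b"\t"):
            # Continuation line: there must be a header to attach it to.
            if current_name is None:
                raise HeaderError("continuation line before any header")
            headers[current_name] += " " + line.strip().decode("latin-1")
            continue
        name, colon, value = line.partition(b":")
        # No whitespace is allowed between the field name and the colon.
        if not colon or not name or name != name.strip():
            raise HeaderError(f"malformed header line: {line!r}")
        current_name = name.decode("ascii").lower()
        text = value.strip().decode("latin-1")
        if current_name in headers:
            headers[current_name] += ", " + text
        else:
            headers[current_name] = text
    return request_line, headers


# Constructed sample request containing one header folded over three lines.
SAMPLE_REQUEST = (
    b"GET / HTTP/1.1\r\n"
    b"Host: bmc.example.internal\r\n"
    b"X-Long-Value: part one,\r\n"
    b"\t part two,\r\n"
    b"  part three\r\n"
    b"\r\n"
)


if __name__ == "__main__":
    request_line, headers = parse_headers(SAMPLE_REQUEST)
    print(request_line)
    for name, value in headers.items():
        print(f"{name}: {value}")
```

Running the block prints the unfolded `x-long-value` header as a single line. The point for a defender is the two explicit limits: a parser that bounds both the per-line and the total head size before copying has a much smaller surface for the heap-read class of bug the article describes.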

Although the vulnerability was fixed back in August 2018 with the release of Lighttpd version 1.4.51, the patch was shipped quietly, without a tracking identifier (CVE). Consequently, the fix was overlooked by the developers of the AMI MegaRAC BMC firmware, so it was never integrated into subsequent products, ultimately affecting system vendors and their clientele.
The impact of this oversight reverberates across the industry, particularly within data centres and cloud environments, where BMCs play a pivotal role in remote management and monitoring. Binarly's findings reveal a concerning trend, with a substantial number of Intel and Lenovo devices exposed to exploitation because of the unaddressed Lighttpd vulnerability.
While efforts have been made to notify affected vendors, the reality remains grim for devices that have reached end-of-life (EOL) status, as they no longer receive security updates. This leaves a gaping hole in data security, underscoring the urgent need for proactive measures to mitigate the risks posed by such vulnerabilities.

As the cybersecurity landscape evolves, it’s imperative for stakeholders to prioritize transparency and swift action in addressing firmware vulnerabilities. Failure to do so not only jeopardizes data integrity but also exposes organizations to unprecedented security threats that can have far-reaching implications.
