Every modern server is equipped with a baseboard management controller (BMC) that enables its remote management. A BMC is essentially a computer within a computer with its own memory, firmware, graphics, and, like any other computer, potential vulnerabilities. Last week it was discovered that Dell EMC’s proprietary iDRAC (integrated Dell Remote Access Controller) hardware/software system used on the 13th Generation PowerEdge servers (and older) is vulnerable to an attack that allows the unauthorized replacement of the BMC's firmware, swapping out the stock firmware with a malicious one. The vulnerability allows the firmware swap to take place with either local or remote access. With physical access to the server, it's possible to replace the firmware even without valid login credentials. Meanwhile it's also possible to perform...

More EPYC Servers: Dell Launches 1P and 2P PowerEdge for HPC and Virtualization

One of the many questions about AMD’s EPYC processor line related to AMD’s ability to reengage with OEMs since the Bulldozer era. Recent announcements from Microsoft Azure and Baidu...

19 by Ian Cutress on 2/6/2018

Log in

Don't have an account? Sign up now