Over 200,000 BMCs Found Exposed and Vulnerable on the Internet

11 June 2014

To say I am leery of The Cloud would be a very mild understatement. Ever since the first true cloud services hit the market (and were hacked), I have been concerned by the continued push to get more people on board while little attention is paid to actually securing these services and the user data they contain. In a conversation I recently had, I pointed out that we are only in June and have already had 7 major breaches. Security (or the lack of it) is a big issue, yet we do not see the companies building and selling “The Cloud” making the changes needed to protect what is already out there.

A perfect example of this was found recently by Dan Farmer. Farmer scanned UDP port 623, the port Baseboard Management Controllers (BMCs) use for the Intelligent Platform Management Interface (IPMI), which provides remote platform management. His scan yielded 230,000 BMCs that were accessible over the internet.

Now you might be wondering why Farmer would do this. It is because in 2013 HD Moore (founder of Metasploit) found that these BMCs could be easily hacked with a few simple commands due to flaws in the firmware. This is much like what we saw when many SCADA (supervisory control and data acquisition) devices were found to be visible on the internet and using default admin passwords.

Farmer’s scan found that roughly 90% of the 230,000 BMCs (207,000) were vulnerable to the exploit that Moore had disclosed a year earlier. Some of the 207k vulnerable BMCs were running firmware that was 13 years old! These critical control interfaces should not be exposed to the internet in the first place, but leaving them running outdated and vulnerable firmware, as Farmer found, is insane.
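The two conditions the article describes (a BMC's IPMI port reachable from the internet, and firmware that is many years old) are exactly what an operator should be auditing for in their own inventory. The script below is an added example written for this page; it is not Farmer's scanner nor anything from the article. The inventory rows, the management networks, the `udp623_reachable_from` column (assumed to be filled in by an external reachability check of the BMC port) and the three-year firmware-age policy are all constructed assumptions.

```python
"""Audit a BMC/IPMI inventory for internet exposure and stale firmware.

Added example. Flags BMCs whose UDP/623 port is reachable from the internet,
BMCs addressed outside the defined management networks, and BMCs running
firmware older than a policy threshold. All data below is constructed.
"""
import csv
import io
import ipaddress
from datetime import date

# Constructed sample inventory (not hosts from the article). The
# udp623_reachable_from column is assumed to come from an external
# reachability check of the BMC's IPMI port.
SAMPLE_INVENTORY = """\
host,bmc_ip,udp623_reachable_from,firmware_date
db01,203.0.113.10,internet,2001-03-15
web02,10.20.30.40,mgmt-vlan,2013-11-02
esx07,198.51.100.7,internet,2012-06-30
store03,192.168.5.9,mgmt-vlan,2004-01-20
"""

# Assumed policy: BMC addresses must sit inside these management networks,
# and firmware must be no more than this many years old.
MGMT_NETWORKS = [ipaddress.ip_network("10.20.30.0/24"),
                 ipaddress.ip_network("192.168.5.0/24")]
MAX_FIRMWARE_AGE_YEARS = 3


def parse_inventory(text):
    """Parse the CSV inventory into dicts with a typed address and date."""
    rows = []
    for row in csv.DictReader(io.StringIO(text)):
        rows.append({
            "host": row["host"],
            "bmc_ip": ipaddress.ip_address(row["bmc_ip"]),
            "reachable_from": row["udp623_reachable_from"],
            "firmware_date": date.fromisoformat(row["firmware_date"]),
        })
    return rows


def in_management_network(addr):
    """True if the BMC address lies inside one of the management networks."""
    return any(addr in net for net in MGMT_NETWORKS)


def firmware_age_years(fw_date, today):
    """Whole years elapsed between the firmware build date and today."""
    years = today.year - fw_date.year
    if (today.month, today.day) < (fw_date.month, fw_date.day):
        years -= 1
    return years


def audit(text, today):
    """Return one finding per BMC that is exposed, out of policy, or stale."""
    findings = []
    for r in parse_inventory(text):
        problems = []
        if r["reachable_from"] == "internet":
            problems.append("udp/623 reachable from internet")
        if not in_management_network(r["bmc_ip"]):
            problems.append("address outside management networks")
        age = firmware_age_years(r["firmware_date"], today)
        if age > MAX_FIRMWARE_AGE_YEARS:
            problems.append(f"firmware {age} years old")
        if problems:
            findings.append({"host": r["host"], "problems": problems})
    return findings


def audit_sample():
    """Run the audit over the constructed inventory as of the article's date."""
    return audit(SAMPLE_INVENTORY, date(2014, 6, 11))


if __name__ == "__main__":
    for f in audit_sample():
        print(f["host"], "->", "; ".join(f["problems"]))
```

Exposure is judged from the external reachability column rather than from `ipaddress`'s `is_global`, because documentation ranges such as 203.0.113.0/24 are classed as reserved by that check and would be silently missed; the management-network list gives a second, policy-based signal that does not depend on the scan. Against the sample data, db01 trips all three checks, including the 13-year-old firmware the article mentions.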

So when you hear about that great new cloud service that just launched and are thinking about handing over your credit card information, ask yourself how they are getting such low prices for their services and what corners they might be cutting.
