Wednesday, 11 June 2014 07:07

Over 200,000 BMCs Found Exposed and Vulnerable on the Internet


To say I am leery of The Cloud would be a very mild understatement. Ever since the first true cloud services hit the market (and were hacked) I have been concerned about the continued push to get more people on board while little attention is paid to actually securing these services and the user data they hold. In a recent conversation I pointed out that we are only in June and have already had seven major breaches this year. Security (or the lack of it) is a big issue, yet the companies building and selling “The Cloud” are not making the changes needed to protect what is already out there.

A perfect example of this was found recently by Dan Farmer. Farmer scanned the Internet for UDP port 623, the port on which a server's Baseboard Management Controller (BMC) answers IPMI (Intelligent Platform Management Interface) requests over RMCP, so that the platform can be managed remotely even when the host operating system is down. His scan turned up about 230,000 BMCs that were reachable from the public Internet.

Now you might be wondering why Farmer would do this. It is because in 2013 HD Moore (founder of Metasploit) showed that these BMCs could be compromised with a few simple commands, thanks to weaknesses in the IPMI 2.0 protocol and in vendor firmware (among them the null-authentication "cipher suite 0" and default administrative credentials). This is much like what we saw when many SCADA (supervisory control and data acquisition) devices were found to be visible on the Internet and still using default admin passwords.

Farmer's scan found that roughly 90% of the 230,000 BMCs (about 207,000) were vulnerable to the issues Moore had disclosed a year earlier. Some of those 207,000 were running firmware that was 13 years old. These critical control interfaces should not be exposed to the Internet in the first place, but leaving them exposed while running outdated and vulnerable firmware, as Farmer found, is insane.

So when you hear about that great new cloud service that just launched and are thinking about handing over your credit card information, ask yourself how the provider is getting its prices so low and what corners it might be cutting to do so.

Last modified on Wednesday, 11 June 2014 07:09