Below the Surface (Audio) - The Supply Chain Security Podcast

CVE-2024-54085: The First of Its Kind - BTS #54

Jul 8, 2025
The discussion centers on critical vulnerabilities in Baseboard Management Controllers (BMCs), specifically CVE-2024-54085. The hosts explain how easily attackers can exploit this vulnerability and what it means for data center security. They tackle the challenges of detecting and mitigating these risks, emphasizing the importance of firmware updates. Practical operational advice includes the need for organizations to patch affected systems and to limit network access to BMC interfaces. Community tools that aid in vulnerability detection also receive significant attention.
INSIGHT

Trivial Header Bug Grants Admin Access

  • CVE-2024-54085 is an extremely trivial header-value bug that grants admin access to BMCs.
  • Vlad Babkin explains this behaves like an authentication bypass combined with SSRF-like header injection.
INSIGHT

KEV Inclusion Implies Real-World Exploitation

  • Active exploitation of this BMC CVE means real threat actors are already using it in the wild, not just researchers demonstrating it.
  • Paul Sidorian notes inclusion in CISA KEV requires verification of in-the-wild exploitation.
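Because KEV inclusion is the signal that an exploit is being used for real, a practitioner's first operational step is usually to check which of the CVEs reported against their fleet are in the catalog and what remediation deadline CISA has set. The script below is an added example written for this page, not code from the podcast, from Eclypsium, or from CISA. It parses a catalog export in the field layout CISA publishes in the KEV JSON feed (cveID, vendorProject, product, dateAdded, dueDate, knownRansomwareCampaignUse) and ranks a BMC inventory by how close each host is to its KEV due date. The catalog text, the host names and the dates are constructed for the example; the host inventory (host name to CVE list) is assumed to come from whatever firmware scanner you already run.

```python
import json
from datetime import date

# Constructed sample in the shape of CISA's KEV JSON feed
# (https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json).
# The dates and descriptions below are illustrative, not copied from the live catalog.
SAMPLE_KEV_JSON = """{
  "title": "CISA Catalog of Known Exploited Vulnerabilities",
  "catalogVersion": "example",
  "count": 1,
  "vulnerabilities": [
    {
      "cveID": "CVE-2024-54085",
      "vendorProject": "AMI",
      "product": "MegaRAC SPx",
      "vulnerabilityName": "AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability",
      "dateAdded": "2025-06-25",
      "shortDescription": "Illustrative entry constructed for this example.",
      "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product.",
      "dueDate": "2025-07-16",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": ""
    }
  ]
}"""


def load_catalog(text):
    """Index a KEV catalog export by CVE ID (upper-cased so lookups are case-insensitive)."""
    data = json.loads(text)
    return {entry["cveID"].upper(): entry for entry in data["vulnerabilities"]}


def _as_date(value):
    """Accept either a datetime.date or an ISO 'YYYY-MM-DD' string."""
    return date.fromisoformat(value) if isinstance(value, str) else value


def kev_status(catalog, cve_id, today):
    """Return None if the CVE is not in KEV, otherwise a summary with the deadline.

    days_until_due is negative once the CISA due date has passed.
    """
    entry = catalog.get(cve_id.upper())
    if entry is None:
        return None
    today = _as_date(today)
    due = date.fromisoformat(entry["dueDate"])
    days_left = (due - today).days
    return {
        "cve": entry["cveID"],
        "product": f'{entry["vendorProject"]} {entry["product"]}',
        "date_added": entry["dateAdded"],
        "due": entry["dueDate"],
        "days_until_due": days_left,
        "overdue": days_left < 0,
        "ransomware_use": entry.get("knownRansomwareCampaignUse", "Unknown"),
    }


def triage(catalog, inventory, today):
    """Rank (host, CVE) pairs from a scanner inventory by KEV urgency.

    inventory maps a host name to the CVE IDs a firmware scanner reported for it.
    Hosts whose CVEs are absent from KEV produce no rows: they still need patching,
    but KEV is the evidence of in-the-wild exploitation that sets a hard deadline.
    """
    rows = []
    for host, cves in inventory.items():
        for cve in cves:
            status = kev_status(catalog, cve, today)
            if status is not None:
                rows.append({"host": host, **status})
    # Most urgent first: fewest days left (overdue rows are negative), then by host name.
    rows.sort(key=lambda row: (row["days_until_due"], row["host"]))
    return rows


if __name__ == "__main__":
    # Constructed inventory: two BMCs flagged by a scanner, one with a clean scan.
    scan_results = {
        "bmc-rack07-node03.mgmt.example": ["CVE-2024-54085"],
        "bmc-rack02-node11.mgmt.example": ["CVE-2024-54085"],
        "bmc-rack01-node01.mgmt.example": [],
    }
    catalog = load_catalog(SAMPLE_KEV_JSON)
    for row in triage(catalog, scan_results, "2025-07-08"):
        flag = "OVERDUE" if row["overdue"] else f'{row["days_until_due"]} days left'
        print(f'{row["host"]:40} {row["cve"]}  {row["product"]:16} due {row["due"]}  {flag}')
```

In practice you would fetch the live feed (for example with curl, on a schedule) and feed its text to load_catalog; the example reads the embedded sample so it runs offline. A host that appears in the output with a negative days_until_due is past CISA's deadline, which for federal agencies is binding and for everyone else is a useful proxy for "attackers are already here".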
INSIGHT

BMC Access Is Equivalent To Physical Control

  • BMC control equals near-physical access: power, BIOS, and pre-OS features are controllable.
  • Wes Daubery and Paul Sidorian highlight that BMC access lets attackers modify boot and deliver malware before OS loads.