Easy to retrieve passwords from thousands of Supermicro servers
Thousands of servers that have a Supermicro motherboard are vulnerable to a critical security problem. This makes it easy to retrieve administrators’ passwords.
The vulnerability concerns the baseboard management controller (BMC), which is used to monitor the physical status of servers, for example by viewing server temperatures and fan speeds.
Supermicro's BMC contains a binary file that stores the passwords for remote logins in plain text. That file can be downloaded simply by connecting to port 49152, researchers from CARI.net and the security institute SANS confirm.
During a scan, the CARI.net researchers found nearly 32,000 servers on which the passwords could be read. In more than three thousand cases, the password turned out to be the factory default combination. This includes passwords that contain 'password'. Supermicro has not yet commented on the security issue.
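As an added example (not from the article, CARI.net, SANS or Supermicro), the kind of detection a defender could run over firewall flow logs to find BMCs that were reached on TCP port 49152 from outside the management network; the log format, the two subnets and the sample lines are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed flow-log lines, "timestamp src dst proto dport action" (assumed format).
SAMPLE_FLOWS = """\
2014-06-19T10:01:02Z 10.0.5.23 10.0.9.10 tcp 49152 ACCEPT
2014-06-19T10:01:05Z 203.0.113.44 10.0.9.10 tcp 49152 ACCEPT
2014-06-19T10:01:09Z 198.51.100.7 10.0.9.12 tcp 49152 ACCEPT
2014-06-19T10:02:00Z 10.0.5.23 10.0.9.11 tcp 443 ACCEPT
2014-06-19T10:02:30Z 198.51.100.7 10.0.9.12 tcp 49152 DROP
"""

BMC_NET = ipaddress.ip_network("10.0.9.0/24")   # assumed out-of-band management subnet
MGMT_NET = ipaddress.ip_network("10.0.5.0/24")  # assumed admin / jump-host subnet
BMC_PORT = 49152                                # port named in the article


def parse_flow(line):
    """Split one constructed flow-log line into its fields."""
    ts, src, dst, proto, dport, action = line.split()
    return {"ts": ts, "src": ipaddress.ip_address(src),
            "dst": ipaddress.ip_address(dst), "proto": proto,
            "dport": int(dport), "action": action}


def find_exposed_bmc_access(log_text, bmc_net=BMC_NET, mgmt_net=MGMT_NET):
    """Map each BMC address to the non-management sources that were allowed
    to reach it on TCP/49152. An accepted flow from outside the admin subnet
    means the BMC is reachable from where it should never be."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        f = parse_flow(line)
        if (f["proto"] == "tcp" and f["dport"] == BMC_PORT
                and f["action"] == "ACCEPT"
                and f["dst"] in bmc_net and f["src"] not in mgmt_net):
            hits[str(f["dst"])].append(str(f["src"]))
    return dict(hits)


if __name__ == "__main__":
    for bmc, sources in find_exposed_bmc_access(SAMPLE_FLOWS).items():
        print(f"BMC {bmc} reached on {BMC_PORT} from: {', '.join(sources)}")
```

Any BMC that shows up here should be firewalled off from non-management networks and have its credentials rotated, since the article's point is that exposure of this port alone is enough to read the stored passwords.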