Dell, on the other hand, confirmed that its systems are not affected by the MegaRAC issue, because it uses its own Dell Remote Access Controller (DRAC) on its servers.
How do attackers exploit the flaw?
The Sunday after the patch was released in March, Eclypsium, the company that discovered the vulnerability in late 2024, published many details of its inner workings:
“As far as we know, the vulnerability affects only AMI’s BMC software
The flaw, scored at the maximum of 10, is rated “critical” under CVSS. According to Eclypsium, it may allow an authentication bypass through the Redfish interface, with consequences including remote control of the server, deployment of malware or ransomware, and destructive actions such as bricking motherboards.
In short, it would not be a good day for victims, although there was no exploitation of the vulnerability until now. But, as with any software vulnerability, speed is essential.
The first issue shown by the quickest response to CVE-2024-540855 is the complexity of the patch process where the software involved is part of more than one.