Unrated severityCISA KEVNVD Advisory· Published Mar 11, 2025· Updated Feb 26, 2026

Redfish Authentication Bypass

CVE-2024-54085

Description

AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.

Affected products

AMI/MegaRAC-SPxv5
Range: 12.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025003.pdfmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.034
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000