MegaRAC
by Ami
CVEs (32)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-54085 | Cri | 0.81 | 9.8 | 0.61 | KEV | Mar 11, 2025 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | |
| CVE-2023-3043 | Cri | 0.62 | 9.6 | 0.00 | Jan 9, 2024 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. … | ||
| CVE-2023-37293 | Cri | 0.62 | 9.6 | 0.00 | Jan 9, 2024 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | ||
| CVE-2023-34329 | Cri | 0.59 | 9.1 | 0.01 | Jul 18, 2023 | AMI MegaRAC SPx12 contains a vulnerability in BMC where a User may cause an authentication bypass by spoofing the HTTP header. A successful exploit of this vulnerability may lead to loss of confidentiality, integrity, and availability. | ||
| CVE-2023-28863 | Cri | 0.59 | 9.1 | 0.00 | Apr 18, 2023 | AMI MegaRAC SPx12 and SPx13 devices have Insufficient Verification of Data Authenticity. | ||
| CVE-2023-37297 | Hig | 0.54 | 8.3 | 0.00 | Jan 9, 2024 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | ||
| CVE-2023-37296 | Hig | 0.54 | 8.3 | 0.00 | Jan 9, 2024 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | ||
| CVE-2023-37295 | Hig | 0.54 | 8.3 | 0.00 | Jan 9, 2024 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. … | ||
| CVE-2023-37294 | Hig | 0.54 | 8.3 | 0.00 | Jan 9, 2024 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. … | ||
| CVE-2022-26872 | Hig | 0.54 | 8.3 | 0.01 | Jan 30, 2023 | AMI Megarac Password reset interception via API | ||
| CVE-2022-40259 | Hig | 0.54 | 8.3 | 0.01 | Dec 5, 2022 | MegaRAC Default Credentials Vulnerability | ||
| CVE-2023-34330 | Hig | 0.53 | 8.2 | 0.01 | Jul 18, 2023 | AMI SPx contains a vulnerability in the BMC where a user may inject code which could be executed via a Dynamic Redfish Extension interface. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability. | ||
| CVE-2023-34336 | Hig | 0.53 | 8.1 | 0.01 | Jun 12, 2023 | AMI BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overflow, which may lead to code execution, denial of service, or escalation of privileges. | ||
| CVE-2023-34333 | Hig | 0.51 | 7.8 | 0.00 | Jan 9, 2024 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference via a local network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. … | ||
| CVE-2023-34332 | Hig | 0.51 | 7.8 | 0.00 | Jan 9, 2024 | AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference by a local network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. … | ||
| CVE-2023-34335 | Hig | 0.50 | 7.7 | 0.00 | Jun 12, 2023 | AMI BMC contains a vulnerability in the IPMI handler, where an unauthenticated host is allowed to write to a host SPI flash, bypassing secure boot protections. An exploitation of this vulnerability may lead to a loss of integrity or denial of service. | ||
| CVE-2023-34337 | Hig | 0.49 | 7.6 | 0.00 | Jul 5, 2023 | AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability. | ||
| CVE-2023-25191 | Hig | 0.49 | 7.5 | 0.01 | Feb 15, 2023 | AMI MegaRAC SPX devices allow Password Disclosure through Redfish. The fixed versions are SPx_12-update-7.00 and SPx_13-update-5.00. | ||
| CVE-2022-40242 | Hig | 0.49 | 7.5 | 0.01 | Dec 5, 2022 | MegaRAC Default Credentials Vulnerability | ||
| CVE-2022-2827 | Hig | 0.49 | 7.5 | 0.02 | Dec 5, 2022 | AMI MegaRAC User Enumeration Vulnerability |
- risk 0.81cvss 9.8epss 0.61
AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.
- risk 0.62cvss 9.6epss 0.00
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. …
- risk 0.62cvss 9.6epss 0.00
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.
- risk 0.59cvss 9.1epss 0.01
AMI MegaRAC SPx12 contains a vulnerability in BMC where a User may cause an authentication bypass by spoofing the HTTP header. A successful exploit of this vulnerability may lead to loss of confidentiality, integrity, and availability.
- risk 0.59cvss 9.1epss 0.00
AMI MegaRAC SPx12 and SPx13 devices have Insufficient Verification of Data Authenticity.
- risk 0.54cvss 8.3epss 0.00
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.
- risk 0.54cvss 8.3epss 0.00
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.
- risk 0.54cvss 8.3epss 0.00
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. …
- risk 0.54cvss 8.3epss 0.00
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. …
- risk 0.54cvss 8.3epss 0.01
AMI Megarac Password reset interception via API
- risk 0.54cvss 8.3epss 0.01
MegaRAC Default Credentials Vulnerability
- risk 0.53cvss 8.2epss 0.01
AMI SPx contains a vulnerability in the BMC where a user may inject code which could be executed via a Dynamic Redfish Extension interface. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.
- risk 0.53cvss 8.1epss 0.01
AMI BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overflow, which may lead to code execution, denial of service, or escalation of privileges.
- risk 0.51cvss 7.8epss 0.00
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference via a local network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. …
- risk 0.51cvss 7.8epss 0.00
AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause an untrusted pointer to dereference by a local network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. …
- risk 0.50cvss 7.7epss 0.00
AMI BMC contains a vulnerability in the IPMI handler, where an unauthenticated host is allowed to write to a host SPI flash, bypassing secure boot protections. An exploitation of this vulnerability may lead to a loss of integrity or denial of service.
- risk 0.49cvss 7.6epss 0.00
AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.
- risk 0.49cvss 7.5epss 0.01
AMI MegaRAC SPX devices allow Password Disclosure through Redfish. The fixed versions are SPx_12-update-7.00 and SPx_13-update-5.00.
- risk 0.49cvss 7.5epss 0.01
MegaRAC Default Credentials Vulnerability
- risk 0.49cvss 7.5epss 0.02
AMI MegaRAC User Enumeration Vulnerability
Page 1 of 2