CVE-2024-54085

Published Mar 11, 2025

Last updated 20 days ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2024-54085 is a vulnerability found in AMI's SPx Baseboard Management Controller (BMC) software. It allows a remote attacker to bypass authentication through the Redfish Host Interface. Successful exploitation of this vulnerability could lead to a complete compromise of the affected system, including loss of confidentiality, integrity, and availability. AMI has released updates to address this vulnerability in SPx versions SPx_12.7+ and SPx_13.5.

Description
AMI's SPx contains a vulnerability in the BMC where an attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.
Source: biossecurity@ami.com
NVD status: Analyzed

Risk scores

CVSS 4.0

Type: Secondary
Base score: 10
Impact score: -
Exploitability score: -
Vector string: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity: CRITICAL

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

Known exploits

Data from CISA

Vulnerability name: AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability
Exploit added on: Jun 25, 2025
Exploit action due: Jul 16, 2025
Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

biossecurity@ami.com: CWE-290

Social media

Hype score: Not currently trending

  1. We shipped some Nuclei templates to help folks detect CVE-2024-54085 (AMI MegaRAC BMC auth bypass). Here's a clip from the podcast episode where we discussed this vulnerability. Grab the Nuclei code from our most recent blog post. https://t.co/JHmoOtX1Lb

    @eclypsium

    10 Jul 2025

    135 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. BTS #54 - CVE-2024-54085: The First of Its Kind https://t.co/lRwpfY35da In this episode, the hosts delve into the critical vulnerabilities associated with Baseboard Management Controllers (BMCs), with a particular focus on CVE-2024-54085. They discuss the ease of exploitation

    @f1tym1

    9 Jul 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 Security Alert! Discover why CVE-2024-54085 made history as the first BMC vulnerability on CISA's critical list. This flaw affects major data centers, enabling remote control without user action. Stay informed and protected! Read more: https://t.co/zKTKk2o8bl...

    @InnoVirtuoso

    8 Jul 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. csirt_it: La Settimana Cibernetica (The Cyber Week) of 6 July 2025 🔹 updates for multiple products 🔹 AMI: active exploitation of CVE-2024-54085 detected 🔹 ScreenConnect-based RAT delivered via fake Zoom invitations ⚠️ #EPSS: check the CVEs of greatest i… https://t.co

    @Vulcanux_

    7 Jul 2025

    57 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2024-54085 (CVSS 10.0): Critical Vulnerability Affecting Megatrends Inc. (AMI) MegaRAC SPx Firmware Package for Baseboard Management Controller (BMC) https://t.co/aU5VikX1LH

    @freedomhack101

    3 Jul 2025

    76 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  6. 🚨 CVE-2024-54085: Critical auth bypass in AMI MegaRAC SPx (CVSS 10.0) lets attackers spoof headers to gain full BMC access—no creds needed. Censys sees 4K+ exposed hosts. 🛠️ Patch now or isolate BMCs. 🔗 https://t.co/RCZBb7W35J #CVE202454085 #AMI #CyberSecurity #KEV

    @censysio

    2 Jul 2025

    882 Impressions

    3 Retweets

    12 Likes

    5 Bookmarks

    0 Replies

    0 Quotes

  7. CVE-2024-54085 BMC vulnerabilities threaten AMD, Supermicro servers! Patch now & isolate BMCs to stay secure. Read more: https://t.co/qCYZPFrLGL https://t.co/mFyEXy9dcv

    @blackbeltsecure

    30 Jun 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. csirt_it: ‼️ #Exploited: active exploitation detected of CVE-2024-54085 affecting the #MegaRACSPx firmware platform by #AMI Risk: 🟠 Type 🔸Authentication Bypass 🔗 https://t.co/QrqtTvJYxZ ⚠ Important to update the affected software… https://t.c

    @Vulcanux_

    30 Jun 2025

    42 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. 🚨 #CVE-2024-54085: The Rising Threat of BMC Vulnerabilities in Cybersecurity https://t.co/ZtdaWtRNqk Educational Purposes!

    @UndercodeUpdate

    28 Jun 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. In comment of the recent CISA news on vulnerability CVE-2024-54085, AMI is happy to report that in collaboration with Eclypsium, this issue was timely patched to our customers, highlighting AMI's commitment to safeguarding the compute ecosystem. https://t.co/6KNZEVZmyt https://t.

    @AMI_PR

    27 Jun 2025

    75 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. Following the CISA news about vulnerability CVE-2024-54085, AMI is happy to report that in collaboration with Eclypsium, this issue was timely patched to our customers, highlighting AMI's commitment to safeguarding the compute ecosystem. https://t.co/6KNZEVZmyt https://t.co/JD6G2

    @AMI_PR

    27 Jun 2025

    14 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  12. ⚡ CVE-2024-54085: KEV additions signal active attacks - patch immediately #ZeroDayPriority. - Exploit available #netsec #vulnerability #CVE #sysadmin #zeroday https://t.co/auYGqyTnST

    @0dayPublishing

    27 Jun 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. Critical server vulnerability CVE-2024-54085 in AMI MegaRAC BMCs lets hackers control servers! Patch now & secure your data centers. Read more: https://t.co/PuiVFvK8WV https://t.co/LFt7XPsZsx

    @blackbeltsecure

    27 Jun 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. I think CVE-2024-54085 (AMI MegaRAC SPx Authentication bypass) (discovered by @eclypsium) is the first BMC vulnerability in CISA's Known Exploited Vulnerabilities list.. https://t.co/AM53HZiqLt https://t.co/P3EsMfk3rJ

    @ChaseInfosec

    27 Jun 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  15. A recently discovered CVE-2024-54085 vulnerability in AMI MegaRAC SPx server management firmware is actively being exploited, allowing attackers to gain complete control over vulnerable systems. With a severity score of 10, this flaw has critical implications for enterprise in...

    @CybrPulse

    27 Jun 2025

    33 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  16. ALERT! 🚨 Critical vulnerability CVE-2024-54085 in AMI MegaRAC allows full control of servers. Active exploitation worldwide. Is your server safe? Find out now: https://t.co/l4vPBfTL4G #ciberseguridad #seguridad

    @tendigitales

    26 Jun 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. Yesterday CISA added CVE-2024-54085, a vulnerability discovered by Eclypsium that affects AMI’s MegaRAC BMC software, to its KEV catalog. The vulnerability allows remote, unauthenticated attackers to take full control of servers. More in @NetworkWorld: https://t.co/lTRimxepxl

    @eclypsium

    26 Jun 2025

    122 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  18. 🚨 AMI MegaRAC firmware flaw (CVSS 10.0) actively exploited – full device takeover possible! Cyberattacks on unpatched D-Link routers (Akira ransomware entry) and Fortinet hard-coded keys. 🔥 Three Actively Exploited Vulnerabilities 1️⃣ CVE-2024-54085 (CVSS 10.0) – A

    @cytexsmb

    26 Jun 2025

    340 Impressions

    1 Retweet

    2 Likes

    2 Bookmarks

    0 Replies

    1 Quote

  19. 📌 The US Cybersecurity and Infrastructure Security Agency (CISA) added three security vulnerabilities to the Known Exploited Vulnerabilities list, impacting AMI MegaRAC, D-Link and Fortinet, based on …

    @Cybercachear

    26 Jun 2025

    56 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  20. Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2024-54085 #AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability https://t.co/n8exb90hnr

    @ScyScan

    25 Jun 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  21. 🛡️ We added Fortinet FortiOS, D-Link DIR-859 Router, & AMI MegaRAC SPx vulnerabilities CVE-2019-6693, CVE-2024-0769, & CVE-2024-54085 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect against cyberattacks

    @CISACyber

    25 Jun 2025

    7061 Impressions

    20 Retweets

    51 Likes

    9 Bookmarks

    2 Replies

    3 Quotes

  22. ASUS releases fix for AMI bug that lets hackers brick servers ASUS has released security updates to address CVE-2024-54085, a maximum severity flaw that could allow attackers to hijack and potentially brick servers. [...]ASUS has released security updates to address CVE-2024-...

    @SecurityAid

    4 May 2025

    39 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. A critical vulnerability in the MegaRAC Baseboard Management Controller (BMC) identified as CVE-2024-54085 poses a severe risk of ransomware and malware infections, prompting urgent patches from various OEMs, including ASUS. With the flaw being rated 10/10 in severity, immedia...

    @CybrPulse

    26 Apr 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  24. ASUS has released security updates to address CVE-2024-54085, a maximum severity flaw that could allow attackers to hijack and potentially brick servers. https://t.co/cu1ZuK7w8q #rhymtech #thinkcyberthinkrhym #rhymcyberupdates

    @Rhym_Tech

    24 Apr 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. 🔴 ASUS releases security updates to address a flaw (CVE-2024-54085) related to American Megatrends International's MegaRAC Baseboard Management Controller (BMC) software, which could allow servers to be hijacked and potentially bricked. 🧉 https://t.co/ZRgn

    @MarquisioX

    23 Apr 2025

    35 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

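  26. ASUS has announced security updates addressing CVE-2024-54085, a vulnerability rated at maximum severity. The vulnerability exists in AMI's MegaRAC BMC software, which is used by multiple server vendors, and allows remote attacks to cause malware infection, firmware tampering, and physical damage through overvoltage.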

    @yousukezan

    23 Apr 2025

    1942 Impressions

    4 Retweets

    11 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  27. 🚨 Critical ASUS server security update! CVE-2024-54085 can let attackers take control. Update your firmware NOW to prevent malware, firmware tampering, and server damage. Details & fixes here: 👇 #Cybersecurity #ASUS #ServerSecurity https://t.co/qBqLeKLqGJ

    @fernandokarl

    23 Apr 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. 📌 ASUS has released security updates to address the CVE-2024-54085 vulnerability, which is considered one of the most dangerous vulnerabilities, as it could allow attackers to take over servers and damage them. https://t.co/1QbAYYak15

    @Cybercachear

    23 Apr 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. CVE-2024-54085 - AMI MegaRAC BMC authentication bypass vulnerability https://t.co/c6FsSgyjSa https://t.co/ltNhRBfovy

    @SirajD_Official

    14 Apr 2025

    14 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  30. #CVE-2024-54085 vulnerability in AMI MegaRAC BMC! Blog contents⬇️ ☑️Impact: #RCE, software damage, endless reboots ☑️Versions: MegaRACSP-X 2024-08-27 and earlier ☑️Search https://t.co/gKKiwWs7Q2 with: title: MegaRAC ☑️Security measures: use the latest versions and #ASM https://t.co/KS9qp66Aod https://

    @CriminalIP_AR

    11 Apr 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  31. Server takeover threat: AMI MegaRAC BMC vulnerability #CVE-2024-54085! Blog preview⬇️ ☑️Main impact: #RCE, firmware damage, endless reboots ☑️Vulnerable versions: MegaRAC SP-X versions before 2024-08-27 ☑️https://t.co/ZdemHmPDgn search query: title: MegaRAC ☑️Security measures: use the latest firmware & #ASM https://t.co/42ROEHXQzL https://t.co/RvWa4Y32AD

    @CriminalIP_KR

    11 Apr 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  32. 🚨AMI MegaRAC BMC vulnerability #CVE-2024-54085: attackers fully hijack your server 😱 Blog sneak peek ⬇️ ☑️ Impact: #RCE, firmware damage, endless reboots ☑️ Affected: pre-2024-08-27 MegaRAC SP-X ☑️ Query: title: MegaRAC ☑️ Fix: Patch it & use #ASM https://t.co/JVE1egjdCF h

    @CriminalIP_US

    10 Apr 2025

    104 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  33. CVE-2024-54085 - AMI MegaRAC BMC authentication bypass vulnerability https://t.co/5i7uNOjEdV https://t.co/qexuKOlEOD

    @IdentityJason

    8 Apr 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  34. Actively exploited CVE : CVE-2024-54085

    @transilienceai

    27 Mar 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  35. A major security flaw, CVE-2024-54085, has been detected in MegaRAC BMC software, exposing data centers to severe threats. This vulnerability could enable attackers to gain unauthorized access. #CyberSecurity #Data #BMCVulnerability #networksecurity https://t.co/SRrgSSpKyB

    @Kiarataylor07

    25 Mar 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  36. CVE-2024-54085 (CVSS 10): Critical BMC Flaw Exposes Servers to Total Takeover, Destruction https://t.co/RUpeuk1YRk

    @Dinosn

    20 Mar 2025

    2206 Impressions

    6 Retweets

    26 Likes

    5 Bookmarks

    0 Replies

    1 Quote

  37. A critical vulnerability, CVE-2024-54085, has been discovered in the AMI MegaRAC firmware, scoring a 10 on the CVSS scale. This flaw allows an authentication bypass in the Redfish API, affecting several major server brands including Asus and Lenovo. Fortunate users need to app...

    @CybrPulse

    19 Mar 2025

    39 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  38. 🚨 Critical AMI MegaRAC flaw (CVE-2024-54085) lets remote attackers hijack, brick, and infect servers from HPE, Asus, ASRock, and more. 1,000+ servers exposed online! Patch now! #Deepweb #Darkweb More breaking news from the world and the Darkweb here: https://t.co/ZF7G3lwRdM http

    @godeepweb

    19 Mar 2025

    60 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  39. ⚠️ Vulnerability Alert: Severe AMI BMC Vulnerability 📅 Timeline: Disclosure: 2025-03-11 📌 Attribution: 🆔cveId: CVE-2024-54085 📊baseScore: 10.0 📏cvssMetrics:… https://t.co/Z2OGzmaNG4

    @syedaquib77

    19 Mar 2025

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  40. A critical vulnerability in AMI’s MegaRAC software, known as CVE-2024-54085, could allow attackers to bypass authentication remotely and gain complete control over compromised servers. With a staggering CVSS score of 10.0, this flaw impacts numerous data center infrastructures...

    @CybrPulse

    19 Mar 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  41. 🚨 Critical AMI BMC Vulnerability (CVE-2024-54085) – CVSS 10.0! A severe authentication bypass flaw allows attackers to: 🔹 Remotely control servers & deploy malware 🔹 Tamper with firmware, brick motherboards & cause reboot loops 🔹 Potentially damage hardware ⚠️ Affe

    @achi_tech

    19 Mar 2025

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. A critical flaw in AMI MegaRAC BMC software (CVE-2024-54085) enables attackers to hijack and damage servers. Admins urged to patch urgently to prevent risks. https://t.co/Hdbbhu98Wg

    @Teemu_Tiainen

    19 Mar 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  43. CVE-2024-54085 : Critical AMI MegaRAC bug can let attackers hijack, brick servers #IPMI https://t.co/Tcrk6r9yCn

    @freedomhack101

    19 Mar 2025

    31 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  44. CVE-2024-54085: A critical AMI MegaRAC bug could allow attackers to hijack or damage servers. https://t.co/uRW6CJZ96T #Security #セキュリティ #ニュース

    @SecureShield_

    19 Mar 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  45. A critical vulnerability (CVE-2024-54085) in AMI’s MegaRAC BMC software can let attackers remotely hijack and damage servers. Affects many vendors like HPE and Asus. 🛡️⚠️ #ServerSecurity #AMIVulnerability #USA link: https://t.co/WpcJjZFFcz https://t.co/bOXWZk4Lv2

    @TweetThreatNews

    18 Mar 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  46. 📌 A serious security vulnerability has been disclosed in AMI's BMC software, enabling attackers to bypass authentication. The vulnerability, classified as CVE-2024-54085, is assigned the maximum severity score (10.0) and could allow servers to be taken over remotely and damaged. #الامن_السيبراني https://t.co/zE12921mDV

    @Cybercachear

    18 Mar 2025

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  47. Today, Eclypsium released more details about CVE-2024-54085 - A CVSS 10.0 severity vulnerability in BMC software, remotely exploitable authentication bypass (with an SSRF flair). At last count, there are over 1,000 exposed to the Internet. The exploit is very simple.… https://t.c

    @securityweekly

    18 Mar 2025

    410 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  48. 🚨 Critical AMI BMC Vulnerability (CVE-2024-54085) – CVSS 10.0! A severe authentication bypass flaw allows attackers to: 🔹 Remotely control servers & deploy malware 🔹 Tamper with firmware, brick motherboards & cause reboot loops 🔹 Potentially damage hardware ⚠️ Affe

    @TheHackersNews

    18 Mar 2025

    12962 Impressions

    42 Retweets

    108 Likes

    13 Bookmarks

    2 Replies

    4 Quotes

  49. 🚨 Critical AMI BMC Vulnerability (CVE-2024-54085) – 10.0 CVSS! A newly disclosed authentication bypass flaw allows attackers to: — Remotely control servers & deploy malware — Tamper with firmware, brick motherboards & cause indefinite reboots — Potentially damage physi

    @TheHackersNews

    18 Mar 2025

    918 Impressions

    1 Retweet

    3 Likes

    2 Bookmarks

    0 Replies

    1 Quote

  50. 🚨 AMI has released updates to address critical vulnerabilities in SPx, AptioV, and EDK2 firmware. CVE-2024-54085 allows remote authentication bypass, posing severe risks. #AMIFirmware #CVE2024 #USA link: https://t.co/9rvOsTes9E https://t.co/0GNNjhHmjk

    @TweetThreatNews

    13 Mar 2025

    16 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

Configurations