If your organization uses servers that are equipped with baseboard management controllers from Supermicro, it’s time, once again, to patch seven high-severity vulnerabilities that attackers could exploit to gain control of them. And sorry, but the fixes must be installed manually.

Typically abbreviated as BMCs, baseboard management controllers are small chips that are soldered onto the motherboard of servers inside data centers. Administrators rely on these powerful controllers for various remote management capabilities, including installing updates, monitoring temperatures and setting fan speeds accordingly, and reflashing the UEFI system firmware that allows servers to load their operating systems during reboots. BMCs provide these capabilities and more, even when the servers they’re connected to are turned off.

Code execution inside the BMC? Yup

The potential for vulnerabilities in BMCs to be exploited and used to take control of servers hasn’t been lost on hackers. In 2021, hackers exploited a vulnerability in BMCs from HP Enterprise and installed a custom rootkit, researchers from Amnpardaz, a security firm in Iran, reported that year. ILObleed, as the researchers named the rootkit, hid inside the iLO, a module in HPE BMCs that’s short for Integrated Lights-Out.

ILObleed was programmed to destroy data stored on disk. If admins reinstalled the operating system, iLObleed would remain intact and reactivate the disk-wiping attack repeatedly. The unknown attackers responsible took control of the BMCs by exploiting a vulnerability HPE had fixed four years earlier. In June, the National Security Agency urged admins to follow guidance to prevent such incidents.

Researchers from security firm Binarly on Tuesday disclosed seven high-severity vulnerabilities in the IPMI (Intelligent Platform Management Interface) BMC firmware. Supermicro has acknowledged the vulnerabilities, thanked Binarly, and provided patching information here. There’s no automated way to install the updates. Supermicro said it’s unaware of any malicious exploitation of the vulnerabilities in the wild.

One of the seven vulnerabilities, tracked as CVE-2023-40289, allows for the execution of malicious code inside the BMC, but there’s a catch: Exploiting the flaw requires already obtained administrative privileges in the web interface used to configure and control the BMCs. That’s where the remaining six vulnerabilities come in. All six of them allow cross-site scripting, or XSS, attacks on machines used by admins. The exploit scenario is to use one or more of them in combination with CVE-2023-40289.

In an email, Binarly founder and CEO Alex Matrosov wrote:

Exploiting this vulnerability requires already obtained administrative privileges in the BMC Web Interface. To achieve it, a potential attacker can utilize any of the XSS vulnerabilities we found. In such a case, the exploitation path will look like this potential scenario:

1. an attacker prepares a malicious link with the malicious payload
2. includes it in phishing emails (for example)
3. when this click is opened, the malicious payload will be executed inside BMC OS.

Admins can remotely communicate with Supermicro BMCs through various protocols, including SSH, IPMI, SNMP, WSMAN, and HTTP/HTTPS. The vulnerabilities Binarly discovered can be exploited using HTTP. While the NSA and many other security practitioners strongly urge that BMC interfaces be isolated from the Internet, there’s evidence that this advice is routinely ignored. A recent query to the Shodan search engine revealed more than 70,000 instances of Supermicro BMC that have their IPMI web interface publicly available.

The road map for exploiting the vulnerabilities against servers with Supermicro interfaces exposed this way is illustrated below:

In Tuesday’s post, Binarly researchers wrote:

First, it is possible to remotely compromise the BMC system by exploiting vulnerabilities in the Web Server component exposed to the Internet. An attacker can then gain access to the Server’s operating system via legitimate iKVM remote control BMC functionality or by flashing the UEFI of the target system with malicious firmware that allows persistent control of the host OS. From there, nothing prevents an attacker from lateral movement within the internal network, compromising other internal hosts.

All the vulnerabilities Binarly discovered originate in IPMI firmware third-party developer ATEN developed for Supermicro. While ATEN patched CVE-2023-40289 six months ago, the fix never made its way into the firmware.

“This is a supply chain problem because it can be other BMC vendors that can be potentially impacted by these vulnerabilities,” Matrosov wrote.

Less than a week after Meta unveiled AI-generated stickers in its Facebook Messenger app, users are already abusing it to create potentially offensive images and sharing the results on social media, reports VentureBeat. In particular, an artist named Pier-Olivier Desbiens posted a series of virtual stickers that went viral on X on Tuesday, starting a thread of similarly problematic AI image generations shared by others.

“Found out that facebook messenger has ai generated stickers now and I don’t think anyone involved has thought anything through,” Desbiens wrote in his post. “We really do live in the stupidest future imaginable,” he added in a reply.

Available to some users on a limited basis, the new AI stickers feature allows people to create AI-generated simulated sticker images from text-based descriptions in both Facebook Messenger and Instagram Messenger. The stickers are then shared in chats, similar to emojis. Meta uses its new Emu image synthesis model to create them and has implemented filters to catch many potentially offensive generations. But plenty of novel combinations are slipping through the cracks.

The questionable generations shared on X include Mickey Mouse holding a machine gun or a bloody knife, the flaming Twin Towers of the World Trade Center, the pope with a machine gun, Sesame Street’s Elmo brandishing a knife, Donald Trump as a crying baby, Simpsons characters in skimpy underwear, Luigi with a gun, Canadian Prime Minister Justin Trudeau flashing his buttocks, and more.

This isn’t the first time AI-generated imagery has inspired threads full of giddy experimenters trying to break through content filters on social media. Generations like these have been possible in uncensored open source image models for over a year, but it’s notable that Meta publicly released a model that can create them without more strict safeguards in place through a feature integrated into flagship apps such as Instagram and Messenger.

Notably, OpenAI’s DALL-E 3 has been put through similar paces recently, with people testing the AI image generator’ filter limits by creating images that feature real people or include violent content. It’s difficult to catch all the potentially harmful or offensive content across cultures worldwide when an image generator can create almost any combination of objects, scenarios, or people you can imagine. It’s yet another challenge facing moderation teams in the future of both AI-powered apps and online spaces.

Over the past year, it has been common for companies to beta-test generative AI systems through public access, which has brought us doozies like Meta’s flawed Galactica model last November and the unhinged early version of the Bing Chat AI model. If past instances are any indication, when something offensive gets wide attention, the developer typically reacts by either taking it down or strengthening built-in filters. So will Meta pull the AI stickers feature or simply clamp down by adding more words and phrases to its keyword filter?

When VentureBeat reporter Sharon Goldman questioned Meta spokesperson Andy Stone about the stickers late Tuesday, he pointed to a blog post titled Building Generative AI Features Responsibly and said, “As with all generative AI systems, the models could return inaccurate or inappropriate outputs. We’ll continue to improve these features as they evolve and more people share their feedback.”

Ransomware hackers have started exploiting one or more recently fixed vulnerabilities that pose a grave threat to enterprise networks around the world, researchers said.

One of the vulnerabilities has a severity rating of 10 out of a possible 10 and another 9.9. They reside in WS_FTP Server, a file-sharing app made by Progress Software. Progress Software is the maker of MOVEit, another piece of file-transfer software that was recently hit by a critical zero-day vulnerability that has led to the compromise of more than 2,300 organizations and the data of more than 23 million people, according to security firm Emsisoft. Victims include Shell, British Airways, the US Department of Energy, and Ontario’s government birth registry, BORN Ontario, the latter of which led to the compromise of information for 3.4 million people.

About as bad as it gets

CVE-2023-40044, as the vulnerability in WS_FTP Server is tracked, and a separate vulnerability tracked as CVE-2023-42657 that was patched in the same October 28 update from Progress Software, are both about as critical as vulnerabilities come. With a severity rating of 10, CVE-2023-40044 allows attackers to execute malicious code with high system privileges with no authentication required. CVE-2023-42657, which has a severity rating of 9.9, also allows for remote code execution but requires the hacker to first be authenticated to the vulnerable system.

Last Friday, researchers from security firm Rapid7 delivered the first indication that at least one of these vulnerabilities might be under active exploitation in “multiple instances. On Monday, the researchers updated their post to note they had discovered a separate attack chain that also appeared to target the vulnerabilities. Shortly afterward, researchers from Huntress confirmed an “in-the-wild exploitation of CVE-2023-40044 in a very small number of cases within our partner base (single digits currently).” In an update Tuesday, Huntress said that on at least one hacked host, the threat actor added persistence mechanisms, meaning it was attempting to establish a permanent presence on the server.

Also on Tuesday came a post on Mastodon from Kevin Beaumont, a security researcher with extensive ties to organizations whose enterprise networks are under attack.

“An org hit by ransomware is telling me the threat actor got in via WS_FTP, for infos, so you might want to prioritize patching that,” he wrote. “The ransomware group targeting WS_FTP are targeting the web version.” He added advice for admins using the file transfer program to search for vulnerable entry points using the Shodan search tool.

A bit shocking

CVE-2023-40044 is what’s known as a deserialization vulnerability, a form of bug in code that allows user-submitted input to be converted into a structure of data known as an object. In programming, objects are variables, functions, or data structures that an app refers to. By essentially transforming untrusted user input into code of the attacker’s making, deserialization exploits have the potential to carry severe consequences. The deserialization vulnerability in WS_FTP Server is found in code written in the .NET programming language.

Researchers from security firm Assetnote discovered the vulnerability by decompiling and analyzing the WS_FTP Server code. They eventually identified a “sink,” which is code designed to receive incoming events, that was vulnerable to deserialization and worked their way back to the source.

“Ultimately, we discovered that the vulnerability could be triggered without any authentication, and it affected the entire Ad Hoc Transfer component of WS_FTP,” Assetnote researchers wrote Monday. “It was a bit shocking that we were able to reach the deserialization sink without any authentication.”

Besides requiring no authentication, the vulnerability can be exploited by sending a single HTTP request to a server, as long as there’s what’s known as a ysoserial gadget pre-existing.

The WS_FTP Server vulnerability may not pose as grave a threat to the Internet as a whole compared to the exploited vulnerability in MOVEit. One reason is that a fix for WS_FTP Server became publicly available before exploits began. That gave organizations using the file-transfer software time to patch their servers before they came under fire. Another reason: Internet scans find many fewer servers running WS_FTP Server as compared to MOVEit.

Still, the damage to networks that have yet to patch CVE-2023-40044 will likely be as severe as what was inflicted on unpatched MOVEit servers. Admins should prioritize patching, and if that’s not possible right away, disable server-ad hoc transfer mode. They should also analyze their environments for signs they’ve been hacked. Indicators of compromise include:

• 103[.]163[.]187[.]12:8080
• 64[.]227[.]126[.]135
• 86[.]48[.]3[.]172
• 103[.]163[.]187[.]12
• 161[.]35[.]27[.]144
• 162[.]243[.]161[.]105
• C:WindowsTEMPzpvmRqTOsP.exe
• C:WindowsTEMPZzPtgYwodVf.exe

Other helpful security guidance is available here from security firm Tenable.