![Flagging firmware vulnerabilities. [Research Saturday]](https://megaphone.imgix.net/podcasts/58ab7ae0-def8-11ea-b34c-b35b208b0539/image/daily-podcast-cover-art-cw.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress "Flagging firmware vulnerabilities. [Research Saturday]")
Flagging firmware vulnerabilities. [Research Saturday]
Update: 2023-01-28
Description
Roya Gordon from Nozomi Networks sits down with Dave to discuss their research on "Vulnerabilities in BMC Firmware Affect OT/IoT Device Security." Researchers at Nozomi Networks has revealed that there are thirteen vulnerabilities that affect BMCs of Lanner devices based on the American Megatrends (AMI) MegaRAC SP-X.
The research states "By abusing these vulnerabilities, an unauthenticated attacker may achieve Remote Code Execution (RCE) with root privileges on the BMC, completely compromising it and gaining control of the managed host." As well as mentioning what patches could be in the future to help fix these vulnerabilities.
The research can be found here:
Learn more about your ad choices. Visit megaphone.fm/adchoices
Comments
In Channel
![Season finale: Leading security in a brave new world. [CISOP]](https://megaphone.imgix.net/podcasts/5e86f666-d9ec-11f0-8a61-3b434edc70be/image/4576c79a6260b29daaff0ea0480913c0.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress "Season finale: Leading security in a brave new world. [CISOP]")
![Tech Investment Strategies and Overview [CISOP]](https://megaphone.imgix.net/podcasts/714ca95e-d469-11f0-b962-03da25c0eafd/image/4576c79a6260b29daaff0ea0480913c0.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress "Tech Investment Strategies and Overview [CISOP]")
![Quantum [CISOP]](https://megaphone.imgix.net/podcasts/f9558cb0-cb06-11f0-bde7-0f479da5a13c/image/4576c79a6260b29daaff0ea0480913c0.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress "Quantum [CISOP]")
![AI and cyber practicum [CISOP]](https://megaphone.imgix.net/podcasts/9c467642-c94e-11f0-b4e4-97c119f0cd1f/image/4576c79a6260b29daaff0ea0480913c0.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress "AI and cyber practicum [CISOP]")
![AI's impact on business [CISOP]](https://megaphone.imgix.net/podcasts/0d5099ac-c3fb-11f0-ac1a-43f12b033f5a/image/4576c79a6260b29daaff0ea0480913c0.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress "AI's impact on business [CISOP]")
![A midseason takeaway. [CISO Perspectives]](https://megaphone.imgix.net/podcasts/e60b9a5c-b8ee-11f0-9339-83476cf1cb54/image/4576c79a6260b29daaff0ea0480913c0.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress "A midseason takeaway. [CISO Perspectives]")
![Fraud and Identity [CISO Perspectives]](https://megaphone.imgix.net/podcasts/6b0f15de-b35f-11f0-95e4-c39668b06a85/image/4576c79a6260b29daaff0ea0480913c0.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress "Fraud and Identity [CISO Perspectives]")
![The changing face of fraud. [CISO Perspectives]](https://megaphone.imgix.net/podcasts/78fd2e80-adea-11f0-818b-83f6387791db/image/4576c79a6260b29daaff0ea0480913c0.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress "The changing face of fraud. [CISO Perspectives]")
![Privacy needs where you least expect it. [CISO Perspectives]](https://megaphone.imgix.net/podcasts/0dfe86b8-ade7-11f0-a2dc-07b764f5400a/image/bed1487d4770d4dc046135517c6d5ca5.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress "Privacy needs where you least expect it. [CISO Perspectives]")
![The impact of data privacy on cyber. [CISO Perspectives]](https://megaphone.imgix.net/podcasts/f6eb5456-ade6-11f0-8072-ebf27e637743/image/bed1487d4770d4dc046135517c6d5ca5.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress "The impact of data privacy on cyber. [CISO Perspectives]")
![Regulation takeaways with Ethan Cook. [CISO Perspectives]](https://megaphone.imgix.net/podcasts/a5b3d982-ade6-11f0-9244-83ae0821c9f6/image/bed1487d4770d4dc046135517c6d5ca5.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress "Regulation takeaways with Ethan Cook. [CISO Perspectives]")
![The return of CISO Perspectives. [CISO Perspectives]](https://megaphone.imgix.net/podcasts/c50b1018-9273-11f0-999a-1395058a518e/image/4576c79a6260b29daaff0ea0480913c0.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress "The return of CISO Perspectives. [CISO Perspectives]")
![Beyond cyber: Securing the next horizon. [Special Edition]](https://megaphone.imgix.net/podcasts/d9fecede-1c7a-11f0-85e0-97f5c0d068ec/image/0216c9cea15c53e5d2c739964a38623c.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress "Beyond cyber: Securing the next horizon. [Special Edition]")
Download from Google Play
Download from App Store
United States00:00
00:00
x
