The flaw in the remote management device could allow an attacker to plug in a 'virtual' thumb drive laden with malware.
A new type of Supermicro bug could potentially allow hackers to take down the entire network of computers on corporate servers using 'virtual USBs'.
Researchers from security firm Eclypsium revealed vulnerabilities in a number of Supermicro baseboard management controllers (BMC). The BMCs allow system admins to do things like load old software onto a server from a CD or upgrade an Operating System (OS) from an image on an external drive, Wired reported.
The flaw in the remote management device could allow an attacker to plug in a 'virtual' thumb drive laden with malware. The researchers notified Supermicro about the flaw discovered on Supermicro X9, X10, and X11 platforms in June and the company issued firmware updates for all the affected BMCs.