CVE-2024-54085

Redfish Authentication Bypass

Basic Information

CVE State
PUBLISHED
Reserved Date
November 28, 2024
Published Date
March 11, 2025
Last Updated
July 30, 2025
Vendor
AMI
Product
MegaRAC-SPx
Description
AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.
Tags
cisa

CVSS Scores

CVSS v4.0

10.0 - CRITICAL

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

EPSS Score

Score
10.64% (Percentile: 92.95%) as of 2025-07-23

SSVC Information

Exploitation
active
Automatable
Yes
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (2025-06-24 04:40:30 UTC) Source

Known Exploited Vulnerability Information

Source Added Date
CVE 2025-06-24 04:40:23 UTC

Recent Mentions

CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet

Source: TheHackerNews • Published: 2025-06-26 06:02:00 UTC

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added three security flaws, each impacting AMI MegaRAC, D-Link DIR-859 router, and Fortinet FortiOS, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2024-54085 (CVSS score: 10.0) - An authentication bypass by spoofing

Siemens IPC RS-828A

Source: All CISA Advisories • Published: 2025-05-15 12:00:00 UTC

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: IPC RS-828A Vulnerability: Authentication Bypass by Spoofing 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access and compromise confidentiality, integrity and availability of the BMC and thus the entire system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports the following rugged industrial PCs are affected: SIMATIC IPC RS-828A: All versions 3.2 VULNERABILITY OVERVIEW 3.2.1 AUTHENTICATION BYPASS BY SPOOFING CWE-290 AMI's SPx contains a vulnerability in the BMC where an attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. CVE-2024-54085 has been assigned to this vulnerability. A CVSS v3.1 base score of 10.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). A CVSS v4 score has also been calculated for CVE-2024-54085. A base score of 10.0 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H). 3.3 BACKGROUND CRITICAL INFRASTRUCTURE SECTORS: Commercial Facilities, Critical Manufacturing, Energy, Transportation Systems, Water and Wastewater Systems COUNTRIES/AREAS DEPLOYED: Worldwide COMPANY HEADQUARTERS LOCATION: Germany 3.4 RESEARCHER Siemens reported this vulnerability to CISA. 4. MITIGATIONS Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not,...

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel