CVE-2024-54085
Redfish Authentication Bypass
Basic Information
- CVE State: PUBLISHED
- Reserved Date: November 28, 2024
- Published Date: March 11, 2025
- Last Updated: June 27, 2025
- Vendor: AMI
- Product: MegaRAC-SPx
- Description: AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.
- Tags
- Score: 10.64% (Percentile: 92.94%) as of 2025-07-17
- Exploitation: active
- Automatable: Yes
- Technical Impact: total
- Exploited in the Wild: Yes (2025-06-24 04:40:30 UTC), source: cisa
CVSS Scores
CVSS v4.0
10.0 - CRITICAL
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CVE | 2025-06-24 04:40:23 UTC |
Recent Mentions
CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet
Source: TheHackerNews • Published: 2025-06-26 06:02:00 UTC
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added three security flaws, each impacting AMI MegaRAC, D-Link DIR-859 router, and Fortinet FortiOS, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The list of vulnerabilities is as follows -
CVE-2024-54085 (CVSS score: 10.0) - An authentication bypass by spoofing
Siemens IPC RS-828A
Source: All CISA Advisories • Published: 2025-05-15 12:00:00 UTC
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
1. EXECUTIVE SUMMARY
CVSS v4 10.0
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: IPC RS-828A
Vulnerability: Authentication Bypass by Spoofing
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access and compromise confidentiality, integrity and availability of the BMC and thus the entire system.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports the following rugged industrial PCs are affected:
SIMATIC IPC RS-828A: All versions
3.2 VULNERABILITY OVERVIEW
3.2.1 AUTHENTICATION BYPASS BY SPOOFING CWE-290
AMI's SPx contains a vulnerability in the BMC where an attacker may bypass authentication remotely through the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.
CVE-2024-54085 has been assigned to this vulnerability. A CVSS v3.1 base score of 10.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2024-54085. A base score of 10.0 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Commercial Facilities, Critical Manufacturing, Energy, Transportation Systems, Water and Wastewater Systems
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: Germany
3.4 RESEARCHER
Siemens reported this vulnerability to CISA.
4. MITIGATIONS
Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not,...
Timeline
- CVE ID Reserved
- CVE Published to Public
- Added to KEVIntel