Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security

Cybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller (BMC) firmware that could potentially allow attackers to bypass crucial verification steps and update the system with a specially crafted image.
The medium-severity vulnerabilities, both of which stem from improper verification of a cryptographic signature, are