Wednesday, March 27, 2019

ASPEED AST2400 & AST2500 Security Vunerabilities

GIGABYTE is aware of a recently security vulnerability, CVE-2019-6260, which affects GIGABYTE server motherboards and systems using ASPEED AST2400 or AST2500 SOC to implement BMC functionality. According to the National Vulnerability Database, the ASPEED AST2400 and AST2500 BMC hardware and firmware implement Advanced High-performance Bus bridges, which can allow arbitrary read and write access to the BMC's physical address space from the host.