Coursera Plus Annual is 40% Off — Ends July 6.

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Breaking BMC: The Forgotten Key to the Kingdom - Security Vulnerabilities in Baseboard Management Controllers

DEFCONConference via YouTube

Start learning Write review
Simplilearn Ad

UC San Diego Product Management Certificate — AI-Powered PM Training

Learn More → Boot.dev Ad

The Most Addictive Python and SQL Courses

Learn More →

Overview

AI, Data Science & Cloud Certificates from Google, IBM & Meta — 40% Off
One plan covers every Professional Certificate on Coursera. 40% off Coursera Plus Annual.
Unlock All Certificates
Explore a detailed security analysis presentation from DEF CON 31 that reveals critical vulnerabilities in the Baseboard Management Controller (BMC) system, specifically focusing on NVIDIA hardware running AMI MegaRAC BMC. Learn how researchers discovered multiple remotely exploitable bugs, privilege escalation vulnerabilities, and scope change issues that can be chained together to create severe security breaches. Follow along a comprehensive attack sequence demonstration that progresses from initial access to an IPMI-enabled AMI BMC through to successfully implementing a persistent firmware implant on the server SPI flash. Understand the significant security implications of BMC vulnerabilities, given the controller's privileged access to hardware components and remote management capabilities, including firmware updates and power control.

Syllabus

DEF CON 31 - Breaking BMC The Forgotten Key to the Kingdom - Alex Tereshkin, Adam Zabrocki

Taught by

DEFCONConference

Reviews

Start your review of Breaking BMC: The Forgotten Key to the Kingdom - Security Vulnerabilities in Baseboard Management Controllers

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.