Vulnerabilities in the XClarity management controller jeopardize Lenovo servers

Attackers can attack Lenovo appliances and servers. Security updates are available for download.


Several vulnerabilities in Lenovo's XClarity management controller (XCC) leave a number of the computer manufacturer's appliance and server models vulnerable. In the worst-case scenario, malicious code can get onto systems.

In a warning message, Lenovo classifies the severity of the vulnerabilities (CVE-2024-38508, CVE-2024-38509, CVE-2024-38510, CVE-2024-38511, CVE-2024-38512) as "high". A classification according to CVSS specifications is still pending.

The vulnerabilities affect, among others, the web interface and the SSH Captive Command Shell interface. At these points, attackers can upload files prepared with malicious code in order to execute their own commands. However, all of the attacks require the attacker to be authenticated to XCC.

Appliances from the MX3330 series and servers from the SD650-V3 series are affected by the vulnerabilities. As the list of XCC versions secured against attacks is beyond the scope of this report, admins will have to look up the ones relevant to them in Lenovo's warning message.

(des)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.