Researchers from Binarly have disclosed seven high-severity vulnerabilities in Supermicro baseboard management controllers that could be exploited to gain control of servers. The vulnerabilities require manual installation of fixes and affect select Supermicro motherboards. Exploiting these vulnerabilities may require administrative privileges in the BMC web interface and can lead to remote compromise and lateral movement within internal networks.

https://arstechnica.com/security/2023/10/vulnerabilities-in-supermicro-bmcs-could-allow-for-unkillable-server-rootkits/