Home / Companies / Cloudflare / Blog / Post Details
Content Deep Dive

Cloudflare’s approach to handling BMC vulnerabilities

Blog post from Cloudflare

Post Details
Company
Date Published
Author
Derek Chamorro, Rebecca Weekly
Word Count
1,044
Company Posts That Month
64
Language
English
Hacker News Points
-
Post removed?
No
Summary

Recent cyber attacks on servers like Baseboard Management Controllers (BMCs) have targeted vulnerabilities such as Pantsdown and USBAnywhere, leaving servers vulnerable due to infrequent firmware updates. Cloudflare has discovered new critical vulnerabilities in popular BMC software used in their fleet. These vulnerabilities can enable ransomware propagation, server bricking, and data theft. To mitigate the impact of these vulnerabilities, Cloudflare has updated firmware, reduced exposure of BMC remote and local interfaces, disabled default passwords, and enabled BMC logging and auditing. Additionally, they are moving forward with OpenBMC, an open-source firmware for supported baseboard management controllers, and extending secure boot capabilities to the very first device that has power to their systems.

Trends Found in this Post
Trend Post Mentions Total Month Mentions Posts Companies MoM
Zero Trust 1 394 27 11 +84%
Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.