The vulnerability identified as CVE-2024-54085 affects AMI's MegaRAC-SPx BMC firmware versions 12.0 and 13.0. It is classified under CWE-290, indicating an authentication bypass by spoofing. The flaw resides in the Redfish Host Interface, a management API used to remotely control and monitor server hardware. An attacker can exploit this vulnerability remotely without any authentication, privileges, or user interaction, effectively bypassing all authentication mechanisms. This allows the attacker to gain unauthorized access to the BMC, which controls critical server functions such as power management, hardware monitoring, and firmware updates. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H) reflects that the attack can be launched over the network with low complexity, no authentication, and no user interaction, and it results in high impact on confidentiality, integrity, and availability. The BMC's compromise can lead to full system control, enabling attackers to manipulate hardware state, extract sensitive information, or cause denial of service. Although no known exploits are currently reported in the wild, the critical nature of this vulnerability demands immediate attention from affected organizations. The lack of available patches at the time of disclosure increases the urgency for interim mitigations.

The impact of CVE-2024-54085 is severe for organizations relying on AMI MegaRAC-SPx BMCs in their server infrastructure. Successful exploitation grants attackers full control over the BMC, enabling them to manipulate hardware settings, access sensitive system data, and disrupt server availability. This can lead to data breaches, persistent backdoors at the hardware level, and significant operational downtime. Given that BMCs operate independently of the host OS, traditional endpoint security controls may not detect or prevent such attacks. The vulnerability's remote exploitability without authentication means attackers can target exposed management interfaces directly, increasing the attack surface. Industries with critical infrastructure, cloud providers, data centers, and enterprises with large server deployments are particularly at risk. The potential for widespread impact is high, especially in environments where BMC interfaces are accessible from less trusted networks or insufficiently segmented environments.

Until official patches are released by AMI, organizations should implement strict network segmentation to isolate BMC management interfaces from untrusted networks. Access to the Redfish Host Interface should be restricted using firewall rules and VPNs, limiting connections to trusted administrators only. Employ network-level authentication and monitoring to detect anomalous access attempts to BMC interfaces. Disable or restrict Redfish API access if not required for operations. Regularly audit and update firmware to the latest versions once patches become available. Implement multi-factor authentication on management interfaces where supported to add an additional layer of security. Monitor vendor advisories closely for patch releases and apply them promptly. Consider deploying intrusion detection systems tailored to detect suspicious activity targeting BMCs. Finally, review and harden BMC configuration settings to minimize exposure.