CISA Flags Critical AMI MegaRAC Flaw Amid Growing Security Concerns in Healthcare IT

CISA confirms active exploitation of a critical flaw that allows remote server hijacking across widely used infrastructure, including in healthcare.

Leon Yen

CISA has confirmed that a critical vulnerability in AMI’s MegaRAC Baseboard Management Controller (BMC) firmware—CVE-2024-54085—is under active exploitation. The bug enables remote attackers to bypass authentication and hijack servers used widely across cloud and data center environments. Vendors like HPE, Asus, and ASRock integrate MegaRAC into equipment trusted by enterprises and infrastructure operators, including healthcare institutions.

Source: ami.com.

Because the flaw can be exploited in low-complexity attacks that require no user interaction, it opens the door to malware deployment, firmware tampering, server bricking, and sustained operational disruption. CISA has added the flaw to its Known Exploited Vulnerabilities catalog and ordered federal agencies to patch by July 16.


MegaRAC PRoT and AMI Tektagon

AMI has a central role in securing healthcare IT infrastructure: it is not only the developer of MegaRAC but also a key provider of Platform Root of Trust (PRoT) solutions like Tektagon, used to secure firmware in connected medical devices and critical hospital systems. Tektagon is a NIST SP 800-193-compliant solution for verifying, protecting, and recovering firmware at the root level. Healthcare organizations use the platform as a cyber defense, ensuring only authenticated firmware can run and stopping unauthorized changes that could disrupt patient care.

Medtech and healthcare tech firms are increasingly a vector for high-impact exploits. As attacks escalate and healthcare remains a top target, the integrity of platform security vendors like AMI is an increasingly crucial concern. In an industry where over half of all connected devices have known vulnerabilities, firmware integrity is vital. Past breaches, like the “PwnedPiper” flaw in Swisslog’s hospital transport systems or attacks exploiting Intel ME firmware, have shown how foundational tech compromises can ripple through entire care delivery networks.

Leon is a medtech and public health journalist based in San Francisco.