Explore the security vulnerabilities of modern server Baseboard Management Controllers (BMCs) in this 40-minute conference talk from linux.conf.au. Delve into the world of service processor privilege isolation and learn about the potential risks associated with BMC hardware designs and firmware. Discover methods for gaining complete persistent control of BMCs using various hardware features, and understand the importance of separating management and workload security domains in cloud and dedicated server environments. Gain insights into recent research on BMC ecosystems and the exploitation of software flaws in existing firmware implementations. Follow the presentation's structure, covering topics such as OpenBMC, firmware interfaces, BMC threat models, LPC interface configuration, and a comprehensive summary of findings.
Service Processor Privilege Isolation and Getting Caught with Your Pants Down
linux.conf.au via YouTube
Syllabus
Intro
OpenBMC
Firmware
Interfaces
BMC
Threat Model
LPC Interface
Configuration
Summary
Taught by
linux.conf.au