← ExploitWatch
HomeExploited Vulnerabilities

CVE-2024-54085 — Actively Exploited: MegaRAC SPx (AMI)

AMI MegaRAC SPx contains an authentication bypass by spoofing vulnerability in the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.

CVE IDCVE-2024-54085
VendorAMI
ProductMegaRAC SPx
Vulnerability nameAMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability
Date added2025-06-25
Remediation due2025-07-16
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
DescriptionAMI MegaRAC SPx contains an authentication bypass by spoofing vulnerability in the Redfish Host Interface. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →