Vulnerabilities in baseboard management controllers: risks and mitigation strategies in the IIoT environment

Abstract

Vulnerabilities in Baseboard Management Controllers (BMCs) have a high impact on the Industrial Internet of Things (IIoT) environment. Recently, a set of vulnerabilities in BMCs disclosed by Nozomi Networks expose Operational Technology (OT) and IIoT networks to remote attacks. This paper reviews a set of vulnerabilities in BMC affecting IIoT devices and discusses the risks and implications of the vulnerabilities found, and how they can be mitigated. The discovery of vulnerabilities in BMC highlights the urgent need for a comprehensive and multifaceted approach to securing the IIoT environment. It is concluded that a general improvement in the security of BMC could be achieved by adopting the open-source philosophy and standardizing the hardware interface.