ZDNet

Gigabyte and Lenovo servers impacted by common BMC firmware flaws

Affected products used a firmware component named MergePoint EMS, made and supplied by Avocent, a software provider now a wholly-owned subsidiary of data center equipment and service provider Vertiv.
Computer Weekly

Vulnerable firmware in enterprise server supply chain

Two serious vulnerabilities in baseboard management controller (BMC) firmware used by Lenovo, Gigabyte and other manufactures in some server products can be exploited to hide malware from the ...
CSOonline

Thousands of enterprise servers are running vulnerable BMCs, researchers find

According to analysis by firmware security firm Eclypsium, 7,799 HPE iLO (HPE's Integrated Lights-Out) server baseboard management controllers (BMCs) are exposed to the internet and most do not appear ...