{"id":60351,"date":"2022-12-08T09:51:57","date_gmt":"2022-12-08T01:51:57","guid":{"rendered":"https:\/\/version-2.com\/?p=60351"},"modified":"2023-02-22T14:31:38","modified_gmt":"2023-02-22T06:31:38","slug":"finding-megarac-bmc-assets-on-your-network","status":"publish","type":"post","link":"https:\/\/version-2.com\/en\/2022\/12\/finding-megarac-bmc-assets-on-your-network\/","title":{"rendered":"Finding MegaRAC BMC assets on your network"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"60351\" class=\"elementor elementor-60351\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4da8c5f9 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"4da8c5f9\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;decf9c3&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-133ba185\" data-id=\"133ba185\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-fc2da8d post-content elementor-widget elementor-widget-text-editor\" data-id=\"fc2da8d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\n<p>Earlier this week, researchers with Eclypsium shared <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/severe-ami-megarac-flaws-impact-servers-from-amd-arm-hpe-dell-others\/\" target=\"_blank\">findings on three vulnerabilities<\/a> present in American Megatrends (AMI) MegaRAC firmware. MegaRAC can be found in many server manufacturers\u2019 Baseboard Management Controllers (BMCs), including AMD, Ampere Computing, ASRock, Asus, ARM, Dell EMC, Gigabyte, HPE, Huawei, Inspur, Lenovo, Nvidia, Qualcomm, Quanta, and Tyan. Successful exploitation of these vulnerabilities can provide an attacker with remote code execution, an administrative shell, and user enumeration. Given American Megatrend\u2019s broad reach across server manufacturers and models the number of systems with vulnerable MegaRAC BMC firmware could be quite large.<\/p>\n<h2 id=\"what-is-the-impact\">What is the impact? <a href=\"#what-is-the-impact\"><i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/a><\/h2>\n<p>These vulnerabilities are scored as CVSS \u201ccritical\u201d and \u201chigh\u201d severities, and the reported vulnerability details include:<\/p>\n<ul>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-40259\" target=\"_blank\">CVE-2022-40259<\/a> (CVSS \u201ccritical\u201d score of 9.9) &#8211; Remote code execution via Redfish API; requires initial access to an account with callback privileges or higher<\/li>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-40242\" target=\"_blank\">CVE-2022-40242<\/a> (CVSS \u201chigh\u201d score of 8.3) &#8211; Administrative shell via default credentials<\/li>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-2827\" target=\"_blank\">CVE-2022-2827<\/a> (CVSS \u201chigh\u201d score of 7.5) &#8211; User enumeration via API request manipulation<\/li>\n<\/ul>\n<p>The <a href=\"https:\/\/eclypsium.com\/2022\/12\/05\/supply-chain-vulnerabilities-put-server-ecosystem-at-risk\/\" target=\"_blank\">Eclypsium report<\/a> does mention that public exposure of vulnerable BMCs appears to be \u201crelatively low compared to recent high-profile vulnerabilities in other infrastructure products.\u201d That said, data centers where many similar servers exist -\u2013including data centers providing cloud-based resources-\u2013 could yield many opportunities for an attacker who has attained access, and detection of BMC exploitation can be \u201ccomplex\u201d and is likely to be missed with traditional EDR\/AV.<\/p>\n<h2 id=\"are-updates-available\">Are updates available? <a href=\"#are-updates-available\"><i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/a><\/h2>\n<p>While American Megatrends has not made a security advisory available at the time of this publication, owners and administrators of systems with MegaRAC BMC firmware should check with their server manufacturers for patched firmware updates.<\/p>\n<p>Mitigations are offered in the <a href=\"https:\/\/eclypsium.com\/2022\/12\/05\/supply-chain-vulnerabilities-put-server-ecosystem-at-risk\/\" target=\"_blank\">Eclypsium report<\/a> (see the \u201cMitigations\u201d section), including (but not limited to) the following suggestions:<\/p>\n<ul>\n<li>Ensure that all remote server management interfaces (e.g. Redfish, IPMI) and BMC subsystems in their environments are on their dedicated management networks and are not exposed externally, and ensure internal BMC interface access is restricted to administrative users with ACLs or firewalls.<\/li>\n<li>Review vendor default configurations of device firmware to identify and disable built-in administrative accounts and\/or use remote authentication where available.<\/li>\n<\/ul>\n<h2 id=\"how-do-i-find-potentially-vulnerable-megarac-bmc-assets-with-runzero\">How do I find potentially vulnerable MegaRAC BMC assets with runZero? <a href=\"#how-do-i-find-potentially-vulnerable-megarac-bmc-assets-with-runzero\"><i class=\"fa fa-fw fa-link text-light smallx95\"><\/i><\/a><\/h2>\n<p>From the <a href=\"https:\/\/console.runzero.com\/inventory\" target=\"_blank\">Asset Inventory<\/a>, use the following <a href=\"https:\/\/console.runzero.com\/inventory?search=type%3A%22BMC%22%20and%20%28hw%3A%22MegaRAC%22%20or%20os%3A%22MegaRAC%22%29\" target=\"_blank\">pre-built query<\/a> to locate BMC assets running MegaRAC firmware which may need remediation:<\/p>\n<pre tabindex=\"0\"><code>type:\"BMC\" and (hw:\"MegaRAC\" or os:\"MegaRAC\")\n<\/code><\/pre><img decoding=\"async\" src=\"https:\/\/www.runzero.com\/img\/rapid-response\/bmc\/asset-inventory.png\" class=\"img-fluid\" alt=\"The prebuilt query is available in the Queries Library\" title=\"The Queries Library\">\n<p>You can also locate all BMC assets in your environment by <a href=\"https:\/\/console.runzero.com\/inventory?search=type%3A%22BMC%22\" target=\"_blank\">searching your Asset inventory for <code>type:\"BMC\"<\/code><\/a>, which can then be triaged further.<\/p>\n<p>As always, any prebuilt queries are available from our <a href=\"https:\/\/console.runzero.com\/queries\" target=\"_blank\">Queries Library<\/a>. Check out the library for other useful inventory <a href=\"https:\/\/www.runzero.com\/docs\/search-query-list\/\" target=\"_blank\">queries<\/a>.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8085a61 post-content elementor-widget elementor-widget-shortcode\" data-id=\"8085a61\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"55060\" class=\"elementor elementor-55060\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-6b25dc0d elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"6b25dc0d\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-3cc1b37d\" data-id=\"3cc1b37d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-52c4a230 elementor-widget elementor-widget-text-editor\" data-id=\"52c4a230\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About runZero<\/strong><br \/>runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network\u2013without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>Earlier this week, researchers with Eclypsium shared fi [&hellip;]<\/p>","protected":false},"author":143524195,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[488,976,61],"tags":[489,977],"class_list":["post-60351","post","type-post","status-publish","format-standard","hentry","category-488","category-runzero","category-press-release","tag-489","tag-runzero"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Finding MegaRAC BMC assets on your network - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.runzero.com\/blog\/finding-megarac-bmc-assets\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Finding MegaRAC BMC assets on your network - Version 2\" \/>\n<meta property=\"og:description\" content=\"Earlier this week, researchers with Eclypsium shared fi [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.runzero.com\/blog\/finding-megarac-bmc-assets\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2022-12-08T01:51:57+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-02-22T06:31:38+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.runzero.com\/img\/rapid-response\/bmc\/asset-inventory.png\" \/>\n<meta name=\"author\" content=\"version2hk\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"version2hk\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/finding-megarac-bmc-assets\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/12\\\/finding-megarac-bmc-assets-on-your-network\\\/\"},\"author\":{\"name\":\"version2hk\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\"},\"headline\":\"Finding MegaRAC BMC assets on your network\",\"datePublished\":\"2022-12-08T01:51:57+00:00\",\"dateModified\":\"2023-02-22T06:31:38+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/12\\\/finding-megarac-bmc-assets-on-your-network\\\/\"},\"wordCount\":436,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/finding-megarac-bmc-assets\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.runzero.com\\\/img\\\/rapid-response\\\/bmc\\\/asset-inventory.png\",\"keywords\":[\"2022\",\"runZero\"],\"articleSection\":[\"2022\",\"runZero\",\"Press Release\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/12\\\/finding-megarac-bmc-assets-on-your-network\\\/\",\"url\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/finding-megarac-bmc-assets\\\/\",\"name\":\"Finding MegaRAC BMC assets on your network - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/finding-megarac-bmc-assets\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/finding-megarac-bmc-assets\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.runzero.com\\\/img\\\/rapid-response\\\/bmc\\\/asset-inventory.png\",\"datePublished\":\"2022-12-08T01:51:57+00:00\",\"dateModified\":\"2023-02-22T06:31:38+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/finding-megarac-bmc-assets\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.runzero.com\\\/blog\\\/finding-megarac-bmc-assets\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/finding-megarac-bmc-assets\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.runzero.com\\\/img\\\/rapid-response\\\/bmc\\\/asset-inventory.png\",\"contentUrl\":\"https:\\\/\\\/www.runzero.com\\\/img\\\/rapid-response\\\/bmc\\\/asset-inventory.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.runzero.com\\\/blog\\\/finding-megarac-bmc-assets\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Finding MegaRAC BMC assets on your network\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\",\"name\":\"version2hk\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"caption\":\"version2hk\"},\"sameAs\":[\"http:\\\/\\\/version2xfortcom.wordpress.com\"],\"url\":\"https:\\\/\\\/version-2.com\\\/en\\\/author\\\/version2hk\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Finding MegaRAC BMC assets on your network - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.runzero.com\/blog\/finding-megarac-bmc-assets\/","og_locale":"en_US","og_type":"article","og_title":"Finding MegaRAC BMC assets on your network - Version 2","og_description":"Earlier this week, researchers with Eclypsium shared fi [&hellip;]","og_url":"https:\/\/www.runzero.com\/blog\/finding-megarac-bmc-assets\/","og_site_name":"Version 2","article_published_time":"2022-12-08T01:51:57+00:00","article_modified_time":"2023-02-22T06:31:38+00:00","og_image":[{"url":"https:\/\/www.runzero.com\/img\/rapid-response\/bmc\/asset-inventory.png","type":"","width":"","height":""}],"author":"version2hk","twitter_card":"summary_large_image","twitter_misc":{"Written by":"version2hk","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.runzero.com\/blog\/finding-megarac-bmc-assets\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2022\/12\/finding-megarac-bmc-assets-on-your-network\/"},"author":{"name":"version2hk","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db"},"headline":"Finding MegaRAC BMC assets on your network","datePublished":"2022-12-08T01:51:57+00:00","dateModified":"2023-02-22T06:31:38+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2022\/12\/finding-megarac-bmc-assets-on-your-network\/"},"wordCount":436,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/www.runzero.com\/blog\/finding-megarac-bmc-assets\/#primaryimage"},"thumbnailUrl":"https:\/\/www.runzero.com\/img\/rapid-response\/bmc\/asset-inventory.png","keywords":["2022","runZero"],"articleSection":["2022","runZero","Press Release"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2022\/12\/finding-megarac-bmc-assets-on-your-network\/","url":"https:\/\/www.runzero.com\/blog\/finding-megarac-bmc-assets\/","name":"Finding MegaRAC BMC assets on your network - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.runzero.com\/blog\/finding-megarac-bmc-assets\/#primaryimage"},"image":{"@id":"https:\/\/www.runzero.com\/blog\/finding-megarac-bmc-assets\/#primaryimage"},"thumbnailUrl":"https:\/\/www.runzero.com\/img\/rapid-response\/bmc\/asset-inventory.png","datePublished":"2022-12-08T01:51:57+00:00","dateModified":"2023-02-22T06:31:38+00:00","breadcrumb":{"@id":"https:\/\/www.runzero.com\/blog\/finding-megarac-bmc-assets\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.runzero.com\/blog\/finding-megarac-bmc-assets\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.runzero.com\/blog\/finding-megarac-bmc-assets\/#primaryimage","url":"https:\/\/www.runzero.com\/img\/rapid-response\/bmc\/asset-inventory.png","contentUrl":"https:\/\/www.runzero.com\/img\/rapid-response\/bmc\/asset-inventory.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.runzero.com\/blog\/finding-megarac-bmc-assets\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"Finding MegaRAC BMC assets on your network"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db","name":"version2hk","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","caption":"version2hk"},"sameAs":["http:\/\/version2xfortcom.wordpress.com"],"url":"https:\/\/version-2.com\/en\/author\/version2hk\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-fHp","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/60351","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/users\/143524195"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/comments?post=60351"}],"version-history":[{"count":4,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/60351\/revisions"}],"predecessor-version":[{"id":60355,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/60351\/revisions\/60355"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/media?parent=60351"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/categories?post=60351"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/tags?post=60351"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}