AMI has released an additional statement clarifying the impact of the "Meltdown" and "Spectre" security vulnerabilities on its MegaRAC® SP-X Service Processor Firmware as implemented on Arm®-based BMC SoCs from ASPEED Technology Inc.
One of the first actions by taken by AMI in response to news of these potential vulnerabilities was to complete comprehensive vulnerability testing of our MegaRAC SP-X Service Processor Firmware for Baseboard Management Controllers (BMCs) and each of the SoC platforms that utilize it. Soon after, AMI issued a Security Advisory to our key OEM and ODM customers and reassure them that these vulnerabilities did not affect MegaRAC SP-X. In particular, AMI would like to emphasize that users of AMI's MegaRAC SP-X Service Processor Firmware should not be concerned about these reports with respect to our MegaRAC firmware or the Arm11™-based ASPEED AST2500 BMC SoC and Arm9™-based ASPEED AST2300 and 2400 BMC SoCs.
To read the press release in full, follow this link: https://ami.com/en/news/press-releases/american-megatrends-statement-in-response-to-meltdown-and-spectre-security-vulnerabilities-for-megarac-bmc-firmware-on-aspeed-armbased-platforms/