 The Binarly REsearch team has discovered multiple vulnerabilities in the Supermicro IPMI firmware component developed by ATEN. 

Vulnerabilities can be exploited by unauthenticated remote attackers and could result in obtaining the root of the BMC system.

https://binarly.io/posts/Binarly_REsearch_Uncovers_Major_Vulnerabilities_in_Supermicro_BMCs/

https://files.mastodon.social/media_attachments/files/111/182/152/709/042/922/original/dcec5371498a6b12.png 
 @14abadff 

It's good research, but ultimately, I don't think the vulnerabilities are as bad as Binarly suggests. That's because the exploits work only if an admin clicks on a malicious link sent in an email.