https://www.bleepingcomputer.com/news/security/critical-ami-megarac-bug-can-let-attackers-hijack-brick-servers/

​A new critical severity vulnerability found in American Megatrends International's MegaRAC Baseboard Management Controller (BMC) software can let attackers hijack and potentially brick vulnerable servers.

MegaRAC BMC provides "lights-out" and "out-of-band" remote system management capabilities that help admins troubleshoot servers as if they were physically in front of the devices. The firmware is used by over a dozen server vendors that provide equipment to many cloud service and data center providers, including HPE, Asus, ASRock, and others.