Known exploited
AMI
CVE published 2025-06-25
CVE-2024-54085
CVE-2024-54085 is an AMI MegaRAC SPx authentication bypass by spoofing vulnerability that CISA added to the Known Exploited Vulnerabilities catalog on 2025-06-25. Because it is in KEV, defenders should treat it as a priority exposure and follow vendor guidance promptly. CISA’s required action is to apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or disco [truncated]