Hereby Yoroi wishes to inform you about the recent discovery of vulnerabilities in a number of modern server equipment with a baseboard management controller ( BMC ) co-processor : a particular class of embedded chips used for out-of-band and side management. band in devices such as, but not limited to, server machines, switch racks or RAID appliances. The criticality is known by the CVE-2019-6260 identifier and publicly referenced with the ” pantsdown ” alias .

https://blog.yoroi.company/warning/vulnerabilita-in-firmware-bmc/