There’s currently some debate about whether there was an issue within the SuperMicro supply chain. Bloomberg publicized that they had become aware of compromised chips that Supermicro, an assembly partner used by Apple and Amazon, had been planted and could be used by the Chinese government.
While this is still being debated whether this is a valid report or not, let’s discuss what the possible ramifications might be:
For customers who purchase potentially vulnerable equipment?
For attackers who may find methods to use this vulnerability to their advantage?