In today’s episode of ‘Oops, Our Bad!’, we delve into how Supermicro managed to gift-wrap two vulnerabilities in their Baseboard Management Controller (BMC) firmware, allowing hackers to waltz through their so-called ‘Root of Trust’ like it was a revolving door.

Cybersecurity researchers unveiled that Supermicro’s firmware handled cryptographic signatures about as well as a three-year-old handles a crayon—more of a scribble than a signature. The vulnerabilities, rated at medium severity (or ‘Meh’ if you ask Supermicro), apparently went unnoticed until someone finally bothered to check the math.

These bugs let attackers install malicious firmware updates as easily as Supermicro installs doubt in their customers’ minds about ever buying trusted tech again. Because, really, who needs complex attack vectors when your security is asleep at the wheel?

In a statement that could double as a LinkedIn endorsement for their future head of ‘Oops Prevention’, Supermicro promised to ‘work very hard’ to patch these errors, presumably just after they’re done ‘working very hard’ on those TPS reports.