A critical vulnerability has been discovered in AMI MegaRAC, a baseboard management controller (BMC) widely used in servers from major manufacturers including AMD, ARM, Fujitsu, Gigabyte, Supermicro, and Qualcomm. This flaw, currently being actively exploited, grants attackers extraordinary control over entire server fleets. The vulnerability allows for remote code execution and privilege escalation, potentially enabling malicious actors to steal sensitive data, disrupt operations, and install malware. Organizations using servers with AMI MegaRAC are strongly advised to immediately patch their systems and implement robust security measures to mitigate the risk of exploitation.