Metal-as-a-Disservice: Exploiting Legacy Flaws in Cutting-Edge Clouds

Presented at DEF CON 33 (2025), Aug. 9, 2025, 3:30 p.m. (45 minutes).

Bare metal cloud providers are rapidly gaining popularity among organizations deploying high-performance machine learning workloads. While the promise of dedicated hardware and enhanced security may appear attractive, a closer look revealed that these environments are vulnerable to decades-old attacks that are sure to trigger nostalgia. This talk investigates the hidden risks posed by the "bare metal" trend, illustrating how weaknesses in firmware, hardware, and the network can lead to catastrophic multi-tenant compromise. We'll walk through real-world case examples demonstrating how attackers can leverage these vulnerabilities including hijacking provisioning processes, installing persistent firmware implants, intercepting sensitive network data, and compromising secure machine learning workflows. Attendees will gain insight into the unique attack surfaces of bare metal environments, understand why seemingly outdated techniques remain highly effective, and learn how major cloud providers mitigate these threats. Expect technical demonstrations, practical advice on evaluating providers, and recommendations for protecting your organization's critical infrastructure. References: [1](http://www.syncsrc.org/public/shmoocon_2018_final.pdf) [2](https://maas.io/) [3](https://discourse.maas.io/t/hardening-your-maas-installation-snap/2140) [4](https://github.com/chipsec/chipsec) [5](https://github.com/IOActive/Platbox) [6](https://conference.hitb.org/hitbsecconf2018dxb/materials/D1T1%20-%20The%20Phantom%20Menace-%20Intel%20ME%20Manufacturing%20Mode%20-%20Maxim%20Goryachy%20and%20Mark%20Ermolov.pdf) [7](https://eclypsium.com/blog/firmware-security-realizations-part-2/) [8](https://eclypsium.com/blog/firmware-security-realizations-part-3-spi-write-protections/) [9](https://www.binarly.io/blog/pkfail-untrusted-platform-keys-undermine-secure-boot-on-uefi-ecosystem) [10](https://www.binarly.io/blog/the-firmware-supply-chain-security-is-broken-can-we-fix-it) [11](https://www.rapid7.com/blog/post/2013/07/02/a-penetration-testers-guide-to-ipmi/) [12](https://eclypsium.com/blog/the-top-5-firmware-and-hardware-attack-vectors/) [13](https://linux-hardware.org/)

Presenters:

• Bill Demirkapi
  Bill is a security researcher with a passion for finding bugs at scale. His interests include reverse engineering and vulnerability research, ranging from low-level memory corruption to systemic flaws with catastrophic consequences. He started his journey in high school and has since published his work at internationally-recognized conferences like DEF CON and Black Hat USA. In his pursuit to make the world a better place, Bill constantly looks for the next significant vulnerability, following the motto "break anything and everything".

Similar Presentations:

• DEF CON 31 (2023) / Spooky authentication at a distance
• DEF CON 29 (2021) / The Agricultural Data Arms Race: Exploiting a Tractor Load of Vulnerabilities In The Global Food Supply Chain.
• DEF CON 33 (2025) / 7 Vulns in 7 Days: Breaking Bloatware Faster Than It’s Built