Dell PowerEdge R720 Corrupt Lifecycle Controller Bios Fix

Comments Off on Dell PowerEdge R720 Corrupt Lifecycle Controller Bios Fix
Hardware Security Software

TLP:Public
Dell PowerEdge R720 Corrupt Lifecycle Controller Bios Fix

Dell PowerEdge

There have been a few Dell PowerEdge R720s we have come across from clients where the Lifecycle Controller Bios is a strange non-Dell version, and impossible to update by simply running an update bios software from the OS (Operating System) provided by Dell.

It appears to us these bios versions have malware installed in them to prevent a simple update and it appears the remote Lifecycle Controller systems are being used by bad guys to hack these servers.

To repair these servers, and to install the current bios versions to get them back in operation, here are the steps we found useful.

You will need to create a bootable DVD or USB device and install the current bios media from Dell.

You will locate the files from:
Update PowerEdge Servers with Platform Specific Bootable ISO

You can locate almost every Dell server version so it is not only for the PowerEdge R720.

After you have created the media, you will need to open the server up and change some jumper settings.

Dell PowerEdge Jumper

The jumpers PWRD_EN and NVRAM_CLR need to be changed from their default settings to these settings:

PWRD_EN = Disabled, and NVRAM_CLR = Enabled.

Dell Poweredge Jumper Settings

Put the server back together and boot it from the bootable media you created. The media will run automatically, and the bad corrupted lifecycle controller and bios will be overwritten with the real Dell version you are installing from your media.

Once completed, and the server is running with the correct versions, turn the server off and put the jumpers back to their default settings.

PWRD_EN = Enabled (Default) and NVRAM_CLR = Disabled (Default).

The servers we found came from federal government systems, we think that somehow the strange bios versions were hacked versions created outside the USA, and where planted to conduct surveillance and to brick the servers at a time of the bad guys choice. (Ukraine Power Cyber Attack ring any bells?)

(Brick is a term we use that defines an electronic component like a server, computer, network device, mobile device that does not work anymore, it is more like a brick than an electronic component)

Not only do you need to worry about the common cyber security threats, but it appears systems like the Dell iDRAC with Lifecycle controller embedded systems management are being attacked too. You need to password protect them and keep an eye on these systems too.

We hope this helps people to get these bricks back to being useful servers again.

Note: Make sure your IDRAC controller is enabled, it cannot be disabled or in recovery mode when trying to update the BIOS. I like to update the IDRAC controller first, troubleshoot its issues. Some are bricked, but most are recoverable.

Adept Technologies’ team of dedicated North American experts are solely focused on refining and improving the Adept Enterprise products and the MyAdept software as services (SaaS) for the benefit of mankind.

Contact us today toll free 1-888-392-9623 to find out more on how Adept Technologies can save you money by utilizing our services and technology.

Adept Media

Adept Technologies Inc.

Related Articles

Lake Inspections
Adept Land and Shoreline Permit Management Software
The Adept Enterprise Land and Shoreline Permit Management software system is a feature-rich solution designed…
Read More
Washinton Modernize
Modernize and Streamline Washington State Housing with SB 5290
Modernize and Streamline Washington State Housing with SB 5290 In a landmark decision for housing…
Read More
Adept Enterprise
Adept Enterprise® 20XX
Adept Enterprise® 20XX is the enterprise edge of the cloud, and/or cloud software platform that…
Read More