Shenzhen Gooxi Information Security Co., Ltd. — 8C:1A:F3 (MA-L)

The MA-L block 8C:1A:F3 is registered to "Shenzhen Gooxi Information Security CO.,Ltd." at a Nanshan District, Shenzhen address in Guangdong Province, China. Gooxi is a server-hardware OEM/ODM, not a networking or consumer-electronics vendor — a MAC bearing this prefix on a network is almost always a rack-mounted server or storage unit in a data center or enterprise/cloud environment, not an endpoint or networking appliance. The brand markets general-compute, GPU, hyper-converged, edge, and storage servers, plus barebone chassis and motherboards, into cloud, data-center, AI/HPC, telecom, finance, government, and education markets, primarily from China with branch sales offices abroad. The asset-classification value here is twofold: identifying the device class (server, hence a management plane to secure) and flagging the most relevant exposure. Gooxi servers are among roughly a dozen vendors that shipped AMI MegaRAC BMC firmware affected by the 2020 vulnerability cluster — most notably CVE-2020-11483 (CVSS 9.8, hardcoded credentials in the BMC). That is a shared upstream-firmware issue rather than a Gooxi-specific flaw, and it lives on the BMC/IPMI out-of-band management interface, which is exactly what asset-discovery should locate and isolate. As with all OUI data, IEEE publishes no registration date for this assignment; any "date registered" seen on third-party tools is a database artifact, not an IEEE fact.

IEEE assignment

8C:1A:F3 → Shenzhen Gooxi Information Security CO.,Ltd. [Confirmed] — IEEE MA-L (oui.csv line 111)

Registry / block size

MA-L (24-bit OUI; ~16.7M addresses) [Confirmed] — IEEE MA-L (oui.csv line 111). NOTE: IEEE's public OUI data publishes NO assignment/registration date (oui.csv columns are only Registry, Assignment, Organization Name, Organization Address); any "date registered" on third-party tools is a database artifact, not an IEEE fact.

HQ / country

A District, 5th Floor, Block A3, Digital Technology Park, Gaoxin South 7th Road, High-tech Industrial Park, Nanshan District, Shenzhen, Guangdong Province, CN 518100 [Confirmed] — IEEE MA-L (oui.csv line 111)

Brand vs. registrant

registry registrant name is "Shenzhen Gooxi Information Security CO.,Ltd."; the trading brand is "Gooxi" (web presence also lists "Shenzhen Gooxi Digital Intelligence Technology Co., Ltd."). Treat the brand as "Gooxi." [Confirmed] — IEEE MA-L; gooxi.us

Company status

active [Confirmed] — gooxi.us

Device types

server hardware — general-compute, GPU, hyper-converged, edge-computing, and storage servers; server chassis/barebone; motherboards; JBOD/storage platforms. Not networking gear or consumer electronics. [Confirmed] — gooxi.us, en.gooxi.com/en/goods.html, made-in-china.com (Gooxi showroom)

Market focus

cloud computing, data centers, AI/HPC, telecom, finance, government, education; China-market OEM/ODM with global sales presence (branch offices listed in Beijing, Shanghai, Hong Kong, Los Angeles, Hamburg, Taiwan). [Confirmed] — gooxi.us, gooxi.en.alibaba.com

Security context

Gooxi is named among ~12 vendors whose servers shipped AMI MegaRAC BMC firmware affected by a 2020 vulnerability cluster. Most severe: CVE-2020-11483 (CVSS 9.8, hardcoded credentials → privilege escalation / info leak). Also CVE-2020-11484 (8.4, BMC/IPMI admin password-hash exposure), CVE-2020-11487 (8.2, hardcoded RSA-1024 key / weak ciphers), CVE-2020-11485 and CVE-2020-11486 (8.1 each, CSRF/RCE and unauthorized file upload). All require network access to the BMC interface. This is a shared upstream-firmware issue, not a Gooxi-specific implementation flaw; co-affected vendors include ASRock Rack, ASUS, Gigabyte, HPE, IBM, Lenovo, NetApp, Quanta, and TYAN. No Gooxi-specific CVE or independent firmware advisory was found. [Confirmed] — securityweek.com (NVIDIA/AMI BMC advisory), cvedetails.com (CVE-2020-11483)

Security recommendation

isolate BMC/IPMI on a dedicated out-of-band management VLAN, remove default/hardcoded credentials, patch AMI BMC firmware to versions addressing the 2020 CVE cluster, and disable default SNMP community strings (cf. CVE-2020-11489). [Likely] — securityweek.com (single source; general OOB-management best practice)

IANA reference

none — no IANA RFC reference applies to this OUI entry; IANA Reference column stays blank. [Confirmed] — IEEE MA-L

Registration date

Unknown — IEEE publishes no assignment date for this OUI; any third-party "date registered" is a database artifact. [Unknown]

Analyst note

a 8C:1A:F3 MAC indicates a Gooxi server class device; the highest-value follow-up is locating and isolating its BMC/IPMI management interface, since the most relevant known exposure is upstream AMI BMC firmware rather than anything Gooxi-proprietary.