Critical Vulnerabilities in Hewlett Packard Enterprise (HPE) Insight Remote Support

December 3, 2024

Hewlett Packard Enterprise (HPE) has disclosed multiple critical vulnerabilities in its Insight Remote Support software, with the most severe carrying a CVSS v3.0 score of 9.8.

These vulnerabilities pose significant security risks, including remote directory traversal, information disclosure, and potential code execution.

Overview of the Vulnerabilities

The vulnerabilities affect versions of HPE Insight Remote Support prior to v7.14.0.629. A breakdown of the CVEs, their CVSS scores, and the associated weakness classes is provided below:

CVE ID           CVSS Score   Weakness
CVE-2024-11622   7.3          XML Injection (CWE-91)
CVE-2024-53673   8.1          Deserialisation of Untrusted Data (CWE-502)
CVE-2024-53674   7.3          XML Injection (CWE-91)
CVE-2024-53675   7.3          XML Injection (CWE-91)
CVE-2024-53676   9.8          Files Accessible to External Parties (CWE-552)

About the Vulnerabilities

  • CWE-91 (XML Injection): Allows attackers to alter the structure of XML documents or queries by supplying markup in untrusted input, potentially leading to data exposure or execution of unauthorised commands.
  • CWE-502 (Deserialisation of Untrusted Data): Exploitable by attackers to execute arbitrary commands or manipulate application behaviour.
  • CWE-552 (Files Accessible to External Parties): Exposes sensitive files or directories to unauthorised users, significantly increasing the risk of data breaches.
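The two weakness classes that dominate this bulletin, CWE-91 and CWE-552, are easiest to understand from the defender's side as a missing escaping step and a missing containment check. The following is an added, generic Python illustration written for this page; it is not code from HPE Insight Remote Support and makes no claim about how the product is built. It shows an XML request assembled by string concatenation beside the same request assembled as a tree (where markup characters in the input are escaped), and a path-resolution helper that refuses any client-supplied path that would land outside a designated directory. The `/srv/irs-reports` base directory and the input strings are constructed for the demonstration.

```python
from __future__ import annotations

import xml.etree.ElementTree as ET
from pathlib import Path

# --- CWE-91: XML injection --------------------------------------------------

def build_request_unsafe(username: str) -> str:
    """Vulnerable pattern: untrusted text is spliced straight into the markup,
    so any '<' or '>' in the input becomes part of the document structure."""
    return f"<request><user>{username}</user><role>viewer</role></request>"


def build_request_safe(username: str) -> str:
    """Hardened form: the document is assembled as a tree and then serialised,
    so '<', '>' and '&' in the input are escaped and stay inside <user>."""
    root = ET.Element("request")
    ET.SubElement(root, "user").text = username
    ET.SubElement(root, "role").text = "viewer"
    return ET.tostring(root, encoding="unicode")


def roles_in(xml_text: str) -> list[str]:
    """The <role> values a downstream consumer would act on."""
    return [el.text or "" for el in ET.fromstring(xml_text).iter("role")]


def user_in(xml_text: str) -> str:
    """The <user> value a downstream consumer would act on."""
    return ET.fromstring(xml_text).findtext("user", default="")


# Constructed input that happens to contain markup; it exists only to show
# how differently the two builders treat it.
MARKUP_IN_INPUT = "alice</user><role>admin</role><user>"

# --- CWE-552 / directory traversal: confine file access to one directory -----

def resolve_under(base_dir: str | Path, requested: str) -> Path:
    """Resolve a client-supplied path and refuse anything that escapes base_dir,
    whether via '..', an absolute path, or a symlink pointing outside it."""
    base = Path(base_dir).resolve()
    candidate = (base / requested).resolve()
    if candidate != base and base not in candidate.parents:
        raise PermissionError(f"refusing path outside {base}: {requested!r}")
    return candidate


def is_confined(base_dir: str | Path, requested: str) -> bool:
    """True when the requested path stays inside base_dir."""
    try:
        resolve_under(base_dir, requested)
    except PermissionError:
        return False
    return True


if __name__ == "__main__":
    print("unsafe builder sees roles:", roles_in(build_request_unsafe(MARKUP_IN_INPUT)))
    print("safe builder sees roles:  ", roles_in(build_request_safe(MARKUP_IN_INPUT)))
    for req in ("2024/summary.txt", "../../etc/passwd", "/etc/passwd"):
        print(f"{req!r:22} confined: {is_confined('/srv/irs-reports', req)}")
```

With the constructed input, the concatenated document gains a second, attacker-controlled `<role>` element, while the tree-built document carries the whole string as the text of `<user>` and nothing else. The containment check compares the resolved candidate against the resolved base rather than inspecting the raw string for `..`, which is what makes it robust to absolute paths and symlinks.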

Potential Impacts

The identified vulnerabilities enable attackers to:

  • Execute remote directory traversal attacks.
  • Access sensitive files and information.
  • Exploit deserialisation flaws to execute arbitrary code.

While these vulnerabilities are not yet listed in the Known Exploited Vulnerabilities (KEV) catalogue and have not been linked to ransomware activity, the high severity underscores the urgency to address them.

Steps to Mitigate Risk

To mitigate the risks associated with these vulnerabilities, HPE and security organisations recommend the following steps:

1. Upgrade Immediately:

  • Update to HPE Insight Remote Support v7.14.0.629 or later.
  • Ensure thorough testing before deployment in production environments.

2. Review Security Configurations:

  • Verify access controls and permissions.
  • Monitor network traffic for suspicious activity that may indicate exploitation attempts.

3. Stay Informed:

  • Review the official HPE security bulletin: HPE Security Bulletin hpesbgn04731.
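Because the affected range is simply "every build before v7.14.0.629", the first mitigation step reduces to comparing each installed version against that fixed release. The script below is an added example for this page, not an HPE tool; it parses dotted version strings (with or without a leading "v"), flags anything older than the fixed version, and treats an unparseable version as needing attention rather than silently assuming it is safe. The hostnames and versions in `SAMPLE_INVENTORY` are constructed.

```python
from __future__ import annotations

import re

# Fixed release named in the bulletin referenced on this page; earlier builds are affected.
FIXED_VERSION = "7.14.0.629"


def parse_version(version: str) -> tuple[int, ...]:
    """Turn 'v7.13.1.100' into (7, 13, 1, 100); reject anything that is not dotted digits."""
    text = version.strip().lower().removeprefix("v")
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(part) for part in text.split("."))


def is_affected(version: str) -> bool:
    """True when the installed build is older than the fixed release.
    Tuple comparison handles shorter strings such as '7.14' as expected."""
    return parse_version(version) < parse_version(FIXED_VERSION)


def triage(inventory: dict[str, str]) -> list[str]:
    """Return the hostnames (sorted) whose recorded version still needs the upgrade.
    Hosts whose version cannot be parsed are included: an unknown version is not
    evidence that the host is patched."""
    to_patch = []
    for host, version in inventory.items():
        try:
            affected = is_affected(version)
        except ValueError:
            affected = True
        if affected:
            to_patch.append(host)
    return sorted(to_patch)


# Constructed sample inventory; hostnames and versions are invented for illustration.
SAMPLE_INVENTORY = {
    "irs-01.example.internal": "v7.13.0.502",
    "irs-02.example.internal": "7.14.0.629",
    "irs-03.example.internal": "7.14.1.10",
    "irs-04.example.internal": "unknown",
}

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: upgrade to {FIXED_VERSION} or later")
```

Feed `triage` the host-to-version mapping from whatever inventory source you already maintain (a CMDB export, an agent report) and the result is the patch list for step 1; the fail-closed handling of unparseable versions is the part worth keeping whatever language you port it to.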

Organisations relying on HPE Insight Remote Support for IT monitoring and infrastructure management should prioritise immediate patching to mitigate risks.


If you would like to discover how Secora Consulting can assist you in keeping your business secure, please get in touch.