HPE Insight Remote Support Hit with Critical Vulnerabilities, Urgent Patch Released

Summary: HPE has released a critical security bulletin highlighting multiple severe vulnerabilities in its Insight Remote Support service that could allow unauthorized access and remote code execution. Users are urged to update their systems immediately to protect against potential exploitation.

Threat Actor: Unknown
Victim: HPE Insight Remote Support

Key Points:

  • Multiple critical vulnerabilities discovered, with CVSS scores as high as 9.8.
  • Vulnerabilities include XML External Entity Injection, Java Deserialization, and Directory Traversal flaws.
  • HPE has released an update (v7.14.0.629) to patch all identified vulnerabilities.
  • Users are strongly advised to update their installations immediately to mitigate risks.
  • HPE recommends enabling automatic updates for ongoing protection and feature enhancements.

HPE has issued an urgent security bulletin addressing multiple critical vulnerabilities discovered in its Insight Remote Support service. These flaws could allow attackers to gain unauthorized access to sensitive information or even execute malicious code remotely.

The vulnerabilities, with CVSS scores as high as 9.8, include:

  • XML External Entity Injection (XXE) flaws (CVE-2024-11622, CVE-2024-53673, CVE-2024-53674, CVE-2024-53675): These vulnerabilities could enable attackers to extract confidential data from affected systems.
  • Java Deserialization vulnerability (CVE-2024-53673): This flaw could allow unauthenticated attackers to execute arbitrary code on vulnerable systems.
  • Directory Traversal vulnerability (CVE-2024-53676): This critical vulnerability, with a CVSS score of 9.8, could allow remote attackers to execute code on affected systems.

These vulnerabilities were reported to HPE by an anonymous researcher working with Trend Micro Zero Day Initiative. HPE has acted swiftly to address these threats by releasing Insight Remote Support v7.14.0.629. This update includes patches for all identified vulnerabilities.

HPE strongly urges users to update their Insight Remote Support installations immediately to mitigate the risk of exploitation. Users can update their systems by navigating to Administrator Settings > Software Updates within the application.

“To benefit from the latest features and product support, HPE recommends automatically installing the latest software available by enabling the Automatically Download and Install option from the Automatic Update Level drop-down list,” HPE stated in their security bulletin.

Source: https://securityonline.info/hpe-insight-remote-support-hit-with-critical-vulnerabilities-urgent-patch-released