Threat Advisory

HPE Discloses Critical Vulnerabilities in Insight Remote Support Software

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: High


EXECUTIVE SUMMARY:

Hewlett Packard Enterprise (HPE) has disclosed multiple critical vulnerabilities in its Insight Remote Support (IRS) software that could allow attackers to remotely execute arbitrary code, perform directory traversal, and access sensitive information. These vulnerabilities affect HPE Insight Remote Support and could be exploited over the network without any user interaction, making them highly dangerous for unpatched systems. The most severe of these vulnerabilities have been assigned, signifying a critical risk. HPE has released a patch to address these vulnerabilities, urging users to mitigate the threat. It is also recommended that users enable the "Automatically Download and Install" option to ensure timely updates and conduct regular reviews of security procedures. Users should remain vigilant for potential exploitation attempts and monitor their systems for unusual activity.



  • CVE-2024-11622: It is a high-severity vulnerability affecting HPE Insight Remote Support versions. It allows attackers to perform directory traversal attacks, potentially exposing sensitive files or system data. Exploitation requires no user interaction and can be executed remotely over a network. HPE recommends mitigating the risk.
  • CVE-2024-53673: It is a high-severity vulnerability in HPE Insight Remote Support versions. It enables attackers to execute arbitrary code remotely, posing a significant threat to system integrity. The vulnerability is network-exploitable and does not require user interaction. It is essential to address this issue.
  • CVE-2024-53674: It is a high-severity vulnerability impacting HPE Insight Remote Support versions. This flaw could allow attackers to access and disclose sensitive information without user interaction. It is exploitable remotely, increasing its risk to unpatched systems. Patching is crucial to prevent unauthorized access and protect sensitive data from potential exposure.
  • CVE-2024-53675: It is a high-severity vulnerability affecting HPE Insight Remote Support versions. It allows remote attackers to perform unauthorized directory traversal attacks, potentially accessing critical system files. Exploitation requires no user interaction, making unpatched systems highly vulnerable. Prompt application of the provided security patch is essential to prevent potential exploitation of this vulnerability.
  • CVE-2024-53676: It is a critical vulnerability in HPE Insight Remote Support versions. It allows remote attackers to execute arbitrary code without requiring user interaction, posing a severe threat to system security. The flaw is network-exploitable, making immediate patching essential. It led to significant unauthorized access and potential compromise of sensitive data.

RECOMMENDATION:

  • We strongly recommend you update HPE Insight Remote Support to version 7.14.0.629 or later.
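
One way to check a host inventory against the fixed version named above (an added example, not HPE's code; the `host,version` inventory format, the hostnames and the sample version strings are constructed assumptions). It compares versions numerically, because a plain string comparison would rank 7.9.x above 7.14.x and report an old build as patched.

```python
# Added example: flag hosts whose IRS build is below the fixed release.
FIXED = (7, 14, 0, 629)  # fixed version from the recommendation above

def parse_version(text):
    """Return a 4-part integer tuple, or None if not a dotted numeric version."""
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 4:
        return None
    if not all(p.isascii() and p.isdigit() for p in parts):
        return None  # empty field, suffixes such as "-beta", stray text
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (4 - len(nums)))  # "7.15" -> (7, 15, 0, 0)

def triage(inventory_lines):
    """Map each host to 'patched', 'vulnerable' or 'unknown'."""
    result = {}
    for line in inventory_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # skip blanks and the header comment
        host, _, version = line.partition(",")
        parsed = parse_version(version)
        if parsed is None:
            status = "unknown"  # needs a manual check, never assume patched
        elif parsed >= FIXED:
            status = "patched"
        else:
            status = "vulnerable"
        result[host.strip()] = status
    return result

# Constructed sample inventory (hypothetical hosts and version strings).
SAMPLE = """\
# host,irs_version
irs-host-01,7.14.0.629
irs-host-02,7.9.0.100
irs-host-03,7.13.1.700
irs-host-04,7.15
irs-host-05,
irs-host-06,7.14.0.629-beta
"""

if __name__ == "__main__":
    for host, status in triage(SAMPLE.splitlines()).items():
        print(f"{host}: {status}")
```

Hosts reported as `unknown` have a missing or non-numeric version field and should be checked by hand rather than treated as updated.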


REFERENCES:

The following reports contain further technical details:
https://cybersecuritynews.com/hpe-insight-remote-support-vulnerabilities/

 
