Hewlett Packard Enterprise (HPE) has disclosed multiple high-severity vulnerabilities in its Insight Remote Support (IRS) software, potentially allowing attackers to execute remote code, perform directory traversal, and access sensitive information.
The security bulletin, released on November 22, 2024, urges users to take immediate action to address these critical flaws.
The vulnerabilities are identified and tracked as:
- CVE-2024-11622
- CVE-2024-53673
- CVE-2024-53674
- CVE-2024-53675
- CVE-2024-53676
All of the vulnerabilities listed above affect HPE Insight Remote Support versions prior to v7.14.0.629.
HPE analysts observed that the most severe flaw among these vulnerabilities is CVE-2024-53676, which has been assigned a CVSS v3.1 base score of 9.8, indicating a “Critical” level of risk.
Technical Analysis
These security flaws could potentially allow malicious actors to:
- Execute arbitrary code remotely
- Perform directory traversal attacks
- Access and disclose sensitive information
The vulnerabilities require no user interaction and can be exploited over the network, making them particularly dangerous for unpatched systems.
HPE has released a software update to address these vulnerabilities. Users are strongly advised to upgrade to HPE Insight Remote Support version 7.14.0.629 or later.
The company recommends enabling the “Automatically Download and Install” option from the Automatic Update Level drop-down list to ensure systems receive the latest security patches and features.
The patches can be applied using the embedded software management capability found at Administrator Settings > Software Updates.
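A defender's first step is finding which installs still run an affected build. The following is an added example, not code from HPE or the bulletin: it compares installed version strings against the fixed version 7.14.0.629 numerically, because a plain string comparison would wrongly rank 7.9.x above 7.14.x. The hostnames and versions in the sample inventory are constructed.

```python
"""Flag HPE Insight Remote Support installs that still need the fix.

Added example (not from the HPE bulletin): the hosts and versions in the
sample inventory below are constructed, not real inventory data.
"""
from typing import List, Tuple

# Fixed version named in the bulletin; anything earlier is affected.
FIXED_VERSION = "7.14.0.629"
# CVEs listed in the bulletin, attached to each finding for tracking.
BULLETIN_CVES = ("CVE-2024-11622", "CVE-2024-53673", "CVE-2024-53674",
                 "CVE-2024-53675", "CVE-2024-53676")

def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '7.14.0.629' into (7, 14, 0, 629) so components compare numerically.

    A plain string comparison gets this wrong: '7.9.0.1' > '7.14.0.629'
    because '9' > '1', even though 7.9 is the older release.
    """
    parts = text.strip().lstrip("vV").split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)

def is_affected(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version is older than the fixed version.

    Shorter tuples are padded with zeros so '7.14' compares as 7.14.0.0.
    """
    a, b = parse_version(installed), parse_version(fixed)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a < b

def triage(inventory: List[Tuple[str, str]]) -> List[dict]:
    """Return one finding per host that still runs an affected build."""
    findings = []
    for host, version in inventory:
        if is_affected(version):
            findings.append({"host": host, "installed": version,
                             "required": FIXED_VERSION, "cves": BULLETIN_CVES})
    return findings

if __name__ == "__main__":
    # Constructed sample inventory (hostnames and versions are made up).
    sample = [("irs-lab-01", "7.9.0.1"), ("irs-prod-02", "v7.14.0.629"),
              ("irs-prod-03", "7.14.0.630"), ("irs-dr-04", "7.14")]
    for f in triage(sample):
        print(f"{f['host']}: {f['installed']} -> upgrade to {f['required']}")
```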
HPE emphasizes the importance of reviewing and updating system management and security procedures regularly to maintain system integrity.
The vulnerabilities were reported to HPE by an anonymous researcher working with Trend Micro’s Zero Day Initiative, highlighting the crucial role of responsible disclosure in maintaining cybersecurity.
Researchers affirmed that it is essential for organizations using HPE Insight Remote Support to apply these security updates promptly and to remain vigilant against potential exploits targeting these vulnerabilities.