A critical vulnerability in HPE's Insight Remote Support tool allows attackers to execute code remotely on affected systems without authentication. Identified as CVE-2024-53676, the vulnerability is due to improper validation of file paths, letting attackers overwrite system files and execute arbitrary payloads with SYSTEM-level privileges. While there's a need for valid device registration credentials, and the Java process must have appropriate write permissions, a proof-of-concept exploit is available publicly, and active exploitation is considered imminent. HPE has yet to release an official patch, urging users to isolate management interfaces and monitor for unauthorized file write operations as interim mitigation.
Source: https://cybersecuritynews.com/hpe-remote-support-tool-vulnerability/
"id": "hew416030525",
"linkid": "hewlett-packard-enterprise",
"type": "Vulnerability",
"date": "3/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"