Multiple severe security vulnerabilities in the HPE Insight Remote Support (IRS) platform could allow attackers to execute remote code, traverse directories, and access sensitive information.
The vulnerabilities affect versions prior to 7.15.0.646 and pose significant risks to enterprise infrastructure management systems.
Critical HPE IRS Remote Execution Vulnerability
This critical vulnerability, CVE-2025-37099, scored 9.8 on the CVSS v3.1 scale and uses the vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating network-based exploitation requiring no privileges or user interaction.
Attackers can exploit this flaw to execute arbitrary commands on unpatched IRS installations, potentially compromising entire enterprise monitoring systems.
The vulnerability stems from improper input validation in IRS's data processing routines, allowing malicious payloads to bypass security checks. Successful exploitation enables attackers to:
Deploy ransomware or cryptominers across connected systems.
Manipulate monitoring data to hide malicious activities.
Establish persistent backdoors for lateral movement within networks.
HPE confirms this vulnerability was reported through Trend Micro's Zero Day Initiative, highlighting its appeal to advanced threat actors.
Medium-Severity HPE IRS Flaws
CVE-2025-37097 is a Directory Traversal flaw (CVSS 7.5) that enables attackers to access files outside the IRS's restricted directories. While rated 7.5, it serves as a critical enabler for follow-on attacks by exposing:
Configuration files containing credentials for connected devices.
TLS certificates used for secure communications.
System logs revealing network architecture details.
CVE-2025-37098 is a Privileged Information Disclosure (CVSS 6.5). This medium-severity vulnerability allows authenticated users with low privileges to access sensitive system information. The flaw exposes:
API keys for integrated HPE OneView systems.
Hardware inventory details of managed servers.
Firmware versions of connected storage arrays.
While requiring valid credentials, this vulnerability becomes particularly dangerous in compromised environments where attackers have obtained basic access through phishing or credential-stuffing attacks.

| CVEs | Affected Products | Impact | Exploit Prerequisites | CVSS 3.1 Score |
| --- | --- | --- | --- | --- |
| CVE-2025-37099 | HPE Insight Remote Support <7.15.0.646 | Remote Code Execution (RCE) | Network access; No authentication | 9.8 (Critical) |
| CVE-2025-37097 | HPE Insight Remote Support <7.15.0.646 | Directory Traversal | Network access; No authentication | 7.5 (High) |
| CVE-2025-37098 | HPE Insight Remote Support <7.15.0.646 | Information Disclosure | Network access; Low privileges | 6.5 (Medium) |

Remediation
HPE has released Insight Remote Support version 7.15.0.646 to address all identified vulnerabilities.
The company strongly recommends an immediate upgrade to this version or later releases to mitigate security risks. Organizations should prioritize patching efforts based on the critical CVSS 9.8 rating of CVE-2025-37099.
The embedded software management capability provides automated patch deployment through Administrator Settings > Software Updates.
HPE recommends enabling the "Automatically Download and Install" option from the Automatic Update Level dropdown to ensure continuous security updates.
System administrators should implement additional security measures, including network segmentation, access controls, and monitoring for suspicious activities targeting HPE Insight Remote Support installations.
Regular security assessments and adherence to patch management policies remain essential for maintaining secure enterprise environments.