HPE security advisory (AV26-573)
# Vulnerability: HPE ProLiant RL300 Gen11 Local Disclosure of Privileged Information
## CVE Details
- **CVE ID:** CVE-2024-28213 (Note: Based on HPE bulletin HPESBHF05057 referenced in the advisory)
- **CVSS Score:** 5.5 (Medium)
- **CWE:** CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor)
## Affected Systems
- **Products:** HPE ProLiant RL300 Gen11 Server
- **Versions:** Firmware versions prior to 1.84_04-02-2026
- **Configurations:** Systems utilizing Arm processors
## Vulnerability Description
A vulnerability exists in the HPE ProLiant RL300 Gen11 server firmware that could allow a local authenticated user to gain access to privileged information. The flaw specifically affects the way the system handles sensitive data in memory or through local interfaces, potentially leading to information disclosure that could be leveraged for further privilege escalation.
## Exploitation
- **Status:** Not currently reported as exploited in the wild; no public PoC currently identified.
- **Complexity:** Low
- **Attack Vector:** Local (Requires local access to the server operating system or management interface).
## Impact
- **Confidentiality:** High (Sensitive privileged information may be exposed).
- **Integrity:** None
- **Availability:** None
## Remediation
### Patches
HPE recommends updating the ProLiant RL300 Gen11 firmware to the following version or later:
- **Firmware Version:** 1.84_04-02-2026
### Workarounds
No specific workarounds have been provided. Organizations are advised to restrict local access to affected systems until the patch is applied.
## Detection
- **Indicators of Compromise:** Unusual local access logs or unauthorized attempts to access system memory/system debug interfaces.
- **Detection methods and tools:** Audit firmware versions across the fleet using HPE iLO (Integrated Lights-Out) or HPE OneView to identify systems running versions earlier than 1.84.
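The fleet audit described above, as an added example that is not part of the advisory or of any HPE tooling: it compares each server's reported firmware string against the fixed version 1.84_04-02-2026. The inventory is constructed inline; the `Model` and `BiosVersion` field names are the standard Redfish ComputerSystem properties, and reading the RL300 firmware from them, plus the MM-DD-YYYY reading of the build date, are assumptions.

```python
import re
from datetime import date
from typing import Optional

FIXED_VERSION = "1.84_04-02-2026"      # fixed firmware version per the bulletin
AFFECTED_MODEL = "ProLiant RL300 Gen11"

# Firmware strings look like "1.84_04-02-2026": release number, then a build
# date. The date is read as MM-DD-YYYY (assumption); it only breaks ties when
# two strings share the same release number.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)_(\d{2})-(\d{2})-(\d{4})$")


def parse_version(ver: str) -> Optional[tuple]:
    """Return (major, minor, build_date), or None if the format is unexpected."""
    m = _VERSION_RE.match(ver.strip())
    if not m:
        return None
    major, minor, mm, dd, yyyy = (int(x) for x in m.groups())
    try:
        return (major, minor, date(yyyy, mm, dd))
    except ValueError:          # e.g. month 13: treat as unparseable, not as fixed
        return None


def is_vulnerable(ver: str) -> Optional[bool]:
    """True if ver predates FIXED_VERSION, False if at/after it, None if unparseable."""
    parsed = parse_version(ver)
    if parsed is None:
        return None
    return parsed < parse_version(FIXED_VERSION)


# Constructed sample inventory: trimmed shapes of what a Redfish
# GET /redfish/v1/Systems/<id> might return for each host (hypothetical values).
SAMPLE_INVENTORY = [
    {"HostName": "rl300-01", "Model": "ProLiant RL300 Gen11", "BiosVersion": "1.80_11-15-2025"},
    {"HostName": "rl300-02", "Model": "ProLiant RL300 Gen11", "BiosVersion": "1.84_04-02-2026"},
    {"HostName": "rl300-03", "Model": "ProLiant RL300 Gen11", "BiosVersion": "1.90_06-01-2026"},
    {"HostName": "dl380-01", "Model": "ProLiant DL380 Gen11", "BiosVersion": "U54 v2.30 (01/10/2026)"},
    {"HostName": "rl300-04", "Model": "ProLiant RL300 Gen11", "BiosVersion": "unknown"},
]


def audit(inventory) -> dict:
    """Map each affected-model host to 'vulnerable', 'fixed' or 'unknown'."""
    results = {}
    for system in inventory:
        if AFFECTED_MODEL not in system.get("Model", ""):
            continue            # other models are outside this bulletin's scope
        state = is_vulnerable(system.get("BiosVersion", ""))
        results[system["HostName"]] = {True: "vulnerable", False: "fixed", None: "unknown"}[state]
    return results


if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as `unknown` should be checked by hand rather than assumed patched, since an unparseable version string is exactly what a partially applied or non-standard firmware build would produce.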
## References
- **HPE Security Bulletin:** hxxps[://]support[.]hpe[.]com/hpesc/public/docDisplay?docId=hpesbhf05057en_us&docLocale=en_US
- **HPE Security Bulletin Library:** hxxps[://]support[.]hpe[.]com/connect/s/securitybulletinlibrary?language=en_US
- **Canadian Centre for Cyber Security Advisory:** hxxps[://]www[.]cyber[.]gc[.]ca/en/alerts-advisories/hpe-security-advisory-av26-573