This is an exploit of a vulnerability that was disclosed and patched in 2017.įor More Information: The following security bulletin published under CVE (CVE-2017-12542) provide more information and remedial steps to upgrade HPE Integrated Lights-out 4 (iLO 4). See the security bulletin mentioned below: It turns out the firmware works fine on my D元80 Gen 5 iLO2. However, when unpacking the archive and investigating the Readme-file, only Gen 6 servers where listed. The download links leads to HP sites so it should be legitimate. Customers need to follow the remedial steps previously provided in 2017 to upgrade HPE Integrated Lights-out 4 (iLO4). The latest listed iLO2 firmware is 2.33 dated march 2018 (when writing this post). HPE Integrated Lights-out 5 (iLO 5) is not affected.Īctions: HPE provided firmware updates in 2017 to resolve the HPE Integrated Lights-out vulnerability. The security vulnerability affects HPE Integrated Lights-out 4 (iLO 4) and was previously disclosed and patched in 2017. The rootkit named iLOBleed is based on the malware module discovered in the iLO firmware. This is regarding the above mentioned HPE case. I have found response from HPE in another topic: HPE Blog, Austria, Germany & Switzerland.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |