
Hewlett Packard Enterprise (HPE) has issued a security advisory addressing multiple high-impact vulnerabilities in its Insight Remote Support (Insight RS) platform. The flaws—disclosed by Tenable and an anonymous researcher via the Trend Zero Day Initiative (ZDI)—could allow remote code execution, directory traversal, and unauthorized information disclosure, putting enterprise infrastructure at risk.
HPE Insight Remote Support is a core utility that enhances availability monitoring and technical support for HPE servers, storage, and networking equipment. However, versions prior to 7.15.0.646 are affected by three CVEs—CVE-2025-37097, CVE-2025-37098, and CVE-2025-37099—with severity scores ranging from 6.5 to 9.8 on the CVSS v3 scale.
“These vulnerabilities could remotely allow a directory traversal, disclosure of information, or code execution,” HPE stated in the advisory.
CVE-2025-37097 (CVSS 7.5) affects the com.hp.uca.hprsmain.HPRSMain class in the hprsMain.jar file. According to Tenable’s analysis, the component exposes a remote method named stopHPRSMain that can be invoked by unauthenticated attackers to terminate the processes associated with the HPRSMAIN Windows service. This is a denial-of-service issue rather than code execution: anyone who can reach the service over the network can stop the monitoring it provides, which is consistent with the 7.5 score (network-reachable, no credentials required, availability impact only).
CVE-2025-37098 (CVSS 6.5) is a path traversal vulnerability in the DownloadAttachmentServlet.checkIfArbitraryFile() method, the check that is supposed to stop the attachment-download handler from returning arbitrary files. Tenable explains that this issue allows “a low-privileged Windows user… to download restricted files under the security context of SYSTEM.” Specifically, if the uca.allowauthuser setting is enabled in the hprs.xml configuration, a user assigned the “operator” role could access sensitive files like hprs.xml itself via protected URLs, such as /remotesupport/getattachment. Because the request is served by a process running as SYSTEM, file-system ACLs on the target file offer little protection; the lower 6.5 score reflects the preconditions (valid low-privilege credentials and uca.allowauthuser turned on), not the sensitivity of what can be read.
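The class of bug behind CVE-2025-37098, as an added Python illustration. This is not HPE's code and not a reconstruction of checkIfArbitraryFile(), whose actual logic the advisory does not publish; the directory layout, file names and the three check functions are constructed for the demo. It contrasts two common but weak "is this path inside the attachment directory" checks with one that resolves the path and compares whole path components:

```python
import os
import tempfile


def build_demo_tree() -> str:
    """Create a constructed directory layout for the demo and return its root.

    <root>/attachments/report.txt              a file the download handler may serve
    <root>/attachments_private/secret.txt      a sibling dir sharing a name prefix
    <root>/hprs.xml                            stands in for the config file that an
                                               "operator" must never be able to download
    """
    root = os.path.realpath(tempfile.mkdtemp(prefix="hprs_demo_"))
    os.makedirs(os.path.join(root, "attachments"))
    os.makedirs(os.path.join(root, "attachments_private"))
    for rel in ("attachments/report.txt",
                "attachments_private/secret.txt",
                "hprs.xml"):
        with open(os.path.join(root, rel), "w") as fh:
            fh.write("placeholder content for %s\n" % rel)
    return root


ROOT = build_demo_tree()
ATTACH_DIR = os.path.join(ROOT, "attachments")  # the only directory to serve from


def check_prefix_only(requested: str) -> bool:
    """Weak check 1 (hypothetical): string-prefix test on the raw joined path.
    '../hprs.xml' joins to '<ATTACH_DIR>/../hprs.xml', which still *starts with*
    ATTACH_DIR, so the traversal passes and the OS resolves the '..' on open."""
    target = os.path.join(ATTACH_DIR, requested)
    return target.startswith(ATTACH_DIR) and os.path.isfile(target)


def check_normalized_prefix(requested: str) -> bool:
    """Weak check 2 (hypothetical): collapse '..' first, then prefix-test.
    This stops '../hprs.xml', but a sibling directory whose name merely begins
    with 'attachments' (here 'attachments_private') still passes the prefix test."""
    target = os.path.normpath(os.path.join(ATTACH_DIR, requested))
    return target.startswith(ATTACH_DIR) and os.path.isfile(target)


def check_contained(requested: str) -> bool:
    """Hardened check: reject empty or absolute input, resolve symlinks and '..'
    with realpath, then require ATTACH_DIR to be an exact path-component ancestor
    of the result (commonpath compares whole components, not characters)."""
    if not requested or os.path.isabs(requested):
        return False
    resolved = os.path.realpath(os.path.join(ATTACH_DIR, requested))
    try:
        contained = os.path.commonpath([ATTACH_DIR, resolved]) == ATTACH_DIR
    except ValueError:  # e.g. different drive letters on Windows
        return False
    return contained and resolved != ATTACH_DIR and os.path.isfile(resolved)


if __name__ == "__main__":
    for name in ("report.txt", "../hprs.xml", "../attachments_private/secret.txt"):
        print("%-36s prefix=%s normalized=%s contained=%s" % (
            name, check_prefix_only(name), check_normalized_prefix(name),
            check_contained(name)))
```

The Java equivalent of the hardened check is to canonicalise with File.getCanonicalPath() or Path.toRealPath() and then use Path.startsWith(Path), which compares components rather than characters. Whatever the language, the check has to run on the fully URL-decoded name the handler will actually open; a check applied before decoding is bypassed by encoded traversal sequences.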
CVE-2025-37099 (CVSS 9.8) is the most severe of the three, though HPE’s advisory provides minimal public details; it was reported through ZDI as case ZDI-CAN-25954. A 9.8 base score corresponds to a network-reachable, low-complexity flaw that needs neither credentials nor user interaction and has high confidentiality, integrity and availability impact, and HPE's own summary lists code execution among the outcomes, so this is most plausibly the remote code execution entry. Treat it as such until details are published.
HPE urges all customers to update to Insight Remote Support v7.15.0.646 or later. The advisory notes that the update can be applied from the product's own software management tools under Administrator Settings > Software Updates. Until it is installed, restricting which hosts can reach the Insight RS server is the sensible interim measure, since at least CVE-2025-37097 is exploitable without credentials. For continuous protection, HPE recommends enabling automatic updates:
“Enable the Automatically Download and Install option from the Automatic Update Level drop-down list.”