...
Document Version | Release Date | Details
3 | February 10, 2022 | Added a note in the Resolution section
2 | January 25, 2022 | Updated document title for clarity
1 | January 6, 2022 | Original document release

On December 28, 2021, the Iranian security research firm Amnpardaz reported discovering rootkits in HPE Integrated Lights-Out 4 (iLO 4) management modules. The rootkit, named iLOBleed, is based on the malware module Implant.ARM.iLOBleed discovered in the iLO 4 firmware.
The security vulnerability affects HPE Integrated Lights-Out 4 (iLO 4) and was previously disclosed and patched in 2017. HPE Integrated Lights-Out 2, HPE Integrated Lights-Out 3, and HPE Integrated Lights-Out 5 (iLO 5) are not affected.
HPE provided firmware updates in 2017 to resolve the HPE Integrated Lights-Out vulnerability. Follow the remedial steps previously provided in 2017 to upgrade HPE Integrated Lights-Out 4 (iLO 4), outlined in the security bulletins under the "Resources" section below.

Resources

The following security bulletins, published under CVE-2017-12542, provide more information and remedial steps to upgrade HPE Integrated Lights-Out 4 (iLO 4):

HPE Integrated Lights-out 4 (iLO 4), and Moonshot Multiple Remote Vulnerabilities
HPE Superdome X servers with iLO4, Remote Code Execution and Authentication Bypass
HPE StoreEasy Storage - HPE Integrated Lights-Out 4 (iLO 4) Multiple Remote Vulnerabilities

Note: It is a good practice to keep iLO firmware updated to the latest available version. The links in the above documents reference the versions of firmware that are vulnerable to the above CVE. No other versions are affected.