HPE Archives - Security Affairs

Pierluigi Paganini July 22, 2025

Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devices

Hardcoded credentials in HPE Aruba Instant On Wi-Fi devices, let attackers to bypass authentication and access the web interface. HPE disclosed hardcoded credentials in Aruba Instant On Wi-Fi devices that allow attackers to bypass login and access the web interface. The flaw tracked as CVE-2025-37103 (CVSS score of 9.8) impacts devices running firmware version 3.2.0.1 […]

Pierluigi Paganini June 04, 2025

HPE fixed multiple flaws in its StoreOnce software

Hewlett Packard Enterprise (HPE) addressed multiple flaws in its StoreOnce data backup and deduplication solution. HPE has released security patches for eight vulnerabilities in its StoreOnce backup solution. These issues could allow remote code execution, authentication bypass, data leaks, and more. “Potential security vulnerabilities have been identified in HPE StoreOnce Software.” reads the advisory. “These […]

Pierluigi Paganini February 10, 2025

HPE is notifying individuals affected by a December 2023 attack

Hewlett Packard Enterprise (HPE) has begun notifying individuals affected by a December 2023 attack carried out by Russia-linked threat actors. Hewlett Packard Enterprise has started notifying individuals whose personal information was exposed in a December 2023 cyber attack. In January 2024, Hewlett Packard Enterprise (HPE) revealed that alleged Russia-linked cyber espionage group Midnight Blizzard gained access to […]

Pierluigi Paganini January 20, 2025

HPE is investigating IntelBroker’s claims of the company hack

HPE is probing claims by the threat actor IntelBroker who is offering to sell alleged stolen source code and data from the company. Last week, the notorious threat actor IntelBroker announced on a popular cybercrime forum the sale of data allegedly stolen from HPE. IntelBroker, known for leaking data from major organizations, made the headlines […]

Pierluigi Paganini August 31, 2021

HPE wars customers of Sudo flaw in Aruba AirWave Management Platform

Hewlett Packard Enterprise (HPE) warns of a vulnerability in Sudo open-source program used in its Aruba AirWave management platform. Hewlett Packard Enterprise (HPE) is warning of a high-severity privilege escalation vulnerability in Sudo open-source program used within its Aruba AirWave management platform. The Aruba AirWave management platform is a real-time monitoring and security alert platform designed by […]

Pierluigi Paganini May 05, 2021

Experts found critical authentication bypass flaw in HPE Edgeline Infrastructure Manager

Researchers found a critical vulnerability in HPE Edgeline Infrastructure Manager that could be exploited by a remote attacker to bypass authentication. Researchers from Tenable have disclosed a critical authentication bypass vulnerability in HPE Edgeline Infrastructure Manager (EIM), tracked as CVE-2021-29203, that could be exploited by attackers to compromise a customer’s cloud infrastructure. “A security vulnerability […]

Pierluigi Paganini December 16, 2020

HPE discloses critical zero-day in Systems Insight Manager

HPE has disclosed a zero-day vulnerability in the latest versions of its HPE Systems Insight Manager (SIM) software for both Windows and Linux. Hewlett Packard Enterprise (HPE) has disclosed a zero-day remote code execution flaw that affects the latest versions of its HPE Systems Insight Manager (SIM) software for Windows and Linux. HPE SIM is a […]

Pierluigi Paganini March 03, 2018

A flaw in HP Remote Management hardware Integrated Lights-Out 3 leaves expose servers to DoS

Hewlett Packard Enterprise issued a security patch to address a vulnerability (CVE-2017-8987) in HP remote management hardware Integrated Lights-Out 3. Hewlett Packard Enterprise has issued a security patch to address a vulnerability (CVE-2017-8987) in its remote management hardware Integrated Lights-Out 3 that equip the family of HP ProLiant servers. The Hewlett-Packard iLO is composed of […]

Pierluigi Paganini October 08, 2017

HPE allowed Russians review the code of ArcSight software also used by the Pentagon

HPE gave Russian gov access to review ArcSight software that is currently used by corporate and government entities worldwide, including the Pentagon. The recent news of the alleged hack of Kaspersky products to steal NSA exploit from the personal PC of a US contractor has put in the background another equally worrying news. Another tech giant has […]

HPE

Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devices

HPE fixed multiple flaws in its StoreOnce software

HPE is notifying individuals affected by a December 2023 attack

HPE is investigating IntelBroker’s claims of the company hack

HPE wars customers of Sudo flaw in Aruba AirWave Management Platform

Experts found critical authentication bypass flaw in HPE Edgeline Infrastructure Manager

HPE discloses critical zero-day in Systems Insight Manager

A flaw in HP Remote Management hardware Integrated Lights-Out 3 leaves expose servers to DoS

HPE allowed Russians review the code of ArcSight software also used by the Pentagon

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 55

Security Affairs newsletter Round 534 by Pierluigi Paganini – INTERNATIONAL EDITION

Law enforcement operations seized BlackSuit ransomware gang’s darknet sites

Arizona woman sentenced for aiding North Korea in U.S. IT job fraud scheme

Operation CargoTalon targets Russia’s aerospace with EAGLET malware,

QUICK LINKS

HPE

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!