CyberSecurityBoard
Sponsor Register Login

Hewlett Packard RCE Vulnerability Allows Attackers to Bypass Authentication and Execute Remote Commands

A critical unauthenticated remote code execution vulnerability (CVE-2024-13804) has been discovered in HPE Insight Cluster Management Utility (CMU) v8.2, enabling attackers to bypass authentication mechanisms and execute commands with root privileges on the backend server. By weaponizing the Java client application against the server, attackers can modify client-side code to bypass security restrictions and gain administrative access. The researcher discovered that by decompiling the application’s JAR file and modifying key authorization checks, the client can be weaponized to send privileged commands to the server via Remote Method Invocation (RMI). After recompiling the modified client, it can be used to execute arbitrary commands on the server with root privileges via the ModelDispatcher.getRMIModel().executeCmdLine() method, where the attacker successfully executes the “ifconfig” command. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The vulnerability was initially reported to HPE in May 2023 but only received the CVE identifier in January 2025 after extensive follow-up with multiple security organizations, highlighting challenges in the vulnerability disclosure process. Navigating The Shadows (0xbad53c) analyst/researcher observed the vulnerability exists within the application’s Java Network Launch Protocol (JNLP) client architecture. The exploitation process begins with downloading and decompiling the CMU client application (cmugui_standalone.jar), which connects to the backend server over port 1099. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. This high-severity vulnerability affects a tool designed for managing high-performance computing clusters, potentially giving attackers complete control over entire computing environments. The vulnerability stems from fundamental design flaws in how the CMU application implements client-side authorization checks without proper server-side validation.

This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 31 Mar 2025 13:30:11 +0000


Cyber News related to Hewlett Packard RCE Vulnerability Allows Attackers to Bypass Authentication and Execute Remote Commands

Hewlett Packard Enterprise Acquire Juniper Networks - HPE to acquire Juniper Networks for $14 billion in cash, in a move to bolster its AI networking credentials. Hewlett Packard Enterprise, a veteran of the tech industry, has confirmed a multi billion dollar acquisition of Juniper Networks. HPE ...
1 year ago Silicon.co.uk
Passwordless Login: Effortless Authentication - Let's explore how passwordless login paves the way for seamless and secure user authentication, fostering trust and loyalty. The Password Dilemma Though conventional complex password-based authentication has long been a cornerstone of robust ...
1 year ago Feeds.dzone.com
What Is Kerberos Authentication?: Implementing Effective Security Protocols - Kerberos is a vital security protocol that any serious computer user must be familiar with. It is an open standard that provides a secure way of verifying the identity of user across multiple systems. The Kerberos authentication protocol is a ...
2 years ago Heimdalsecurity.com
CVE-2022-37932 - A potential security vulnerability has been identified in Hewlett Packard Enterprise OfficeConnect 1820, 1850, and 1920S Network switches. The vulnerability could be remotely exploited to allow authentication bypass. HPE has made the following ...
1 year ago
Hewlett Packard Enterprise to Acquire Juniper Networks for $14 Billion - In the first mega tech deal of 2024, Hewlett Packard Enterprise announced late Tuesday that it has agreed to acquire network equipment maker Juniper Networks for $14 billion in cash. The acquisition is expected to double HPE's networking business and ...
1 year ago Securityweek.com
Hewlett Packard RCE Vulnerability Allows Attackers to Bypass Authentication and Execute Remote Commands - A critical unauthenticated remote code execution vulnerability (CVE-2024-13804) has been discovered in HPE Insight Cluster Management Utility (CMU) v8.2, enabling attackers to bypass authentication mechanisms and execute commands with root privileges ...
2 months ago Cybersecuritynews.com CVE-2024-13804
How to Use Context-Based Authentication to Improve Security - One of the biggest security weak points for organizations involves their authentication processes. Context-based authentication offers an important tool in the battle against credential stuffing, man-in-the-middle attacks, MFA prompt bombing, and ...
1 year ago Securityboulevard.com
Top 10 Best Passwordless Authentication Tools in 2025 - Auth0 provides a flexible authentication and authorization platform that supports passwordless login methods, enhancing security and user experience by eliminating the need for traditional passwords. Okta provides a robust identity and access ...
3 months ago Cybersecuritynews.com
Cisco Routers Exposed to Remote Code Execution (RCE) Attacks: How to Protect Your Network - Protecting networks from remote code execution (RCE) attacks is now more important than ever, as thousands of end-of-life Cisco routers are exposed to these vulnerabilities. On June 10, 2020 research revealed that over 19,000 Cisco devices were still ...
2 years ago Bleepingcomputer.com
Selecting an Authentication Protocol for Your Business - Authentication protocols serve as the backbone of online security, enabling users to confirm their identities securely and access protected information and services. The protocols exchange information to verify the validity of the authentication ...
1 year ago Darkreading.com
Biometric Authentication in Business: Enhancing Security - With its high level of security, convenience, user-friendliness, and accuracy, biometric authentication is paving the way for the future of secure authentication in the business world. One of the primary advantages of implementing biometric ...
1 year ago Securityzap.com
Exploit for critical Progress Telerik auth bypass released, patch now - Researchers have published a proof-of-concept exploit script demonstrating a chained remote code execution vulnerability on Progress Telerik Report Servers. The Telerik Report Server is an API-powered end-to-end encrypted report management solution ...
11 months ago Bleepingcomputer.com CVE-2024-4358 CVE-2024-1800
JetBrains warns of new TeamCity auth bypass vulnerability - JetBrains urged customers today to patch their TeamCity On-Premises servers against a critical authentication bypass vulnerability that can let attackers take over vulnerable instances with admin privileges. Tracked as CVE-2024-23917, this critical ...
1 year ago Bleepingcomputer.com CVE-2024-23917 CVE-2023-42793 Andariel APT29
Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers - A critical Apache OFBiz pre-authentication remote code execution vulnerability is being actively exploited using public proof of concept exploits. Apache OFBiz is an open-source enterprise resource planning system many businesses use for e-commerce ...
1 year ago Bleepingcomputer.com CVE-2023-49070 CVE-2023-51467
Biometric Authentication: Advancements and Challenges - Advancements in technology are driving the world of biometric authentication into a realm where one's very being serves as the key to accessing secure systems. The Evolution of Biometric Technology has significantly transformed the landscape of ...
1 year ago Securityzap.com
ConnectWise urges ScreenConnect admins to patch critical RCE flaw - ConnectWise warned customers to patch their ScreenConnect servers immediately against a maximum severity flaw that can be used in remote code execution attacks. This security bug is due to an authentication bypass weakness that attackers can exploit ...
1 year ago Bleepingcomputer.com
3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online - Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution vulnerability. Apache ActiveMQ is a scalable open-source message broker that fosters communication between clients and ...
1 year ago Bleepingcomputer.com CVE-2023-46604 CVE-2023-4660
Cybersecurity Weekly Recap: Latest on Attacks, Vulnerabilities, & Data Breaches - A critical SSRF vulnerability in Microsoft Power Platform’s SharePoint connector allowed attackers to impersonate users and access sensitive data. Ivanti patched a critical command injection vulnerability in its Cloud Services Appliance (CSA), ...
4 months ago Cybersecuritynews.com CVE-2025-0108 CVE-2024-53704 CVE-2024-52875 CVE-2023-20198 CVE-2023-20273 Winnti Group
Juniper warns of critical RCE bug in its firewalls and switches - Juniper Networks has released security updates to fix a critical pre-auth remote code execution vulnerability in its SRX Series firewalls and EX Series switches. Found in the devices' J-Web configuration interfaces and tracked as CVE-2024-21591, this ...
1 year ago Bleepingcomputer.com CVE-2024-21591 CVE-2023-36844 CVE-2023-36845 CVE-2023-36846 CVE-2023-36847
Fortinet warns of critical RCE bug in endpoint management software - Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server software that can allow attackers to gain remote code execution on vulnerable servers. FortiClient EMS enables admins to manage endpoints connected to an ...
1 year ago Bleepingcomputer.com CVE-2023-48788 CVE-2024-21762 Volt Typhoon
VMware fixes critical code execution flaw in vCenter Server - VMware issued security updates to fix a critical vCenter Server vulnerability that can be exploited to gain remote code execution attacks on vulnerable servers. vCenter Server is the central management hub for VMware's vSphere suite, and it helps ...
1 year ago Bleepingcomputer.com CVE-2023-34048 CVE-2023-34056
CVE-2021-41129 - Pterodactyl is an open-source game server management panel built with PHP 7, React, and Go. A malicious user can modify the contents of a `confirmation_token` input during the two-factor authentication process to reference a cache value not ...
1 year ago
Microsoft discovers critical RCE flaw in Perforce Helix Core Server - Four vulnerabilities, one of which is rated critical, have been discovered in the Perforce Helix Core Server, a source code management platform widely used by the gaming, government, military, and technology sectors. Microsoft analysts discovered the ...
1 year ago Bleepingcomputer.com CVE-2023-5759 CVE-2023-45849 CVE-2023-35767 CVE-2023-45319
Atlassian patches critical RCE flaws across multiple products - Atlassian has published security advisories for four critical remote code execution vulnerabilities impacting Confluence, Jira, and Bitbucket servers, along with a companion app for macOS. All security issues addressed received a critical-severity ...
1 year ago Bleepingcomputer.com CVE-2023-22522 CVE-2023-22524 CVE-2022-1471 CVE-2023-22523
New Microsoft Exchange zero-days allow RCE, data theft attacks - Microsoft Exchange is impacted by four zero-day vulnerabilities that attackers can exploit remotely to execute arbitrary code or disclose sensitive information on affected installations. The zero-day vulnerabilities were disclosed by Trend Micro's ...
1 year ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)