fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

HPE Fixes Critical Zero-day Vulnerability Disclosed in December

HPE Fixes Critical Zero-day Vulnerability Disclosed in December

Hewlett Packard Enterprise (HPE) has released a security update to address a zero-day remote code execution vulnerability in the HPE Systems Insight Manager (SIM) software, disclosed last year, in December.

HPE SIM is a remote support automation and management solution for HPE servers, storage, and networking products, including HPE’s ProLiant Gen10 and ProLiant Gen9 servers.

Zero-days are publicly disclosed security bugs that the vendor hasn’t patched. In some cases, they also have publicly available proof-of-concept exploits or are actively exploited in the wild.

Security update released months after disclosure

While the company updated the security advisory with information on this security update on Wednesday, the SIM hotfix update kit which resolves the vulnerability was released more than a month ago, on April 20.

The RCE vulnerability tracked as CVE-2020-7200 was found in the latest versions (7.6.x) of HPE’s proprietary Systems Insight Manager (SIM) software, and it ONLY affects the Windows version.

HPE rated the bug as a critical severity (9.8/10) security flaw as it allows attackers with no privileges to exploit it in low complexity attacks that don’t require user interaction.

CVE-2020-7200 stems from a lack of proper validation of user-supplied data that can lead to the deserialization of untrusted data, making it possible for attackers to leverage it to execute code on servers running vulnerable SIM software.

Also Read: Compliance Course Singapore: Spotlight on the 3 Offerings

Mitigation also available

HPE also provides mitigation info for those who cannot immediately deploy the CVE-2020-7200 security update on vulnerable systems.

According to HPE, admins are required to disable the “Federated Search” and “Federated CMS Configuration” features to remove the attack vector.

System admins who use the HPE SIM management software have to use the following procedure to block CVE-2020-7200 attacks:

  1. Stop the HPE SIM Service
  2. Delete C:\Program Files\HP\Systems Insight Manager\jboss\server\hpsim\deploy\simsearch.war file from sim installed path del /Q /F C:\Program Files\HP\Systems Insight Manager\jboss\server\hpsim\deploy\simsearch.war
  3. Restart the HPE SIM Service
  4. Wait for the HPE SIM web page “https://SIM_IP:50000” to be accessible and execute the following command from a command prompt: mxtool -r -f tools\multi-cms-search.xml 1>nul 2>nul

Also Read: PDPA Singapore Guidelines: 16 Key Concepts For Your Business

Once the mitigation measures are taken, HPE SIM users will no longer be able to use the federated search feature.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us