HPE server software has a 'critical' security vulnerability

HPE has published a security bulletin disclosing a zero-day vulnerability in the current version of its Systems Insight Manager (SIM) server software. HPE SIM is a remote management and support-automation tool for Windows and Linux used with the company's server, storage and networking products. The vulnerability, tracked as CVE-2020-7200, was reported by security researcher Harrison Neal through Trend Micro's Zero Day Initiative and affects SIM version 7.6. It is a zero-day in the sense that it was disclosed before a fix existed: HPE has published mitigation steps and is working on a patch that fully resolves the issue, but it has not said whether the flaw is being actively exploited in the wild.

Remote code execution

HPE rated the vulnerability critical, with a CVSS v3 base score of 9.8, because an attacker with no privileges can exploit it remotely to execute code on servers running the vulnerable version of SIM. In its bulletin, the company explains that the vulnerability can be mitigated by disabling SIM's "Federated Search" and "Federated CMS Configuration" features, and it plans to release a full patch that fixes the remote code execution flaw in the coming weeks. Until then, administrators of HPE SIM should apply the interim mitigation: stop the HP SIM service, remove the simsearch.war web application archive, restart the service and, once it is back up, run the command "mxtool -r -f tools\multi-cms-search.xml 1>nul 2>nul" from a command prompt (the "1>nul 2>nul" redirection only discards the command's output). This prevents the vulnerability from being exploited, but it also means that SIM users will no longer be able to use the federated search feature until the patch is installed.

Via BleepingComputer
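The interim mitigation described above, written out as a PowerShell script for a Windows HPE SIM 7.6 host. This is an added example, not HPE's code and not taken from the bulletin. The install directory, the Windows service display name, the JBoss deploy path of simsearch.war, the location of mxtool.exe and the HTTPS port (50000) are assumptions based on a default installation and must be checked on the target host before running.

```powershell
<#
Added example: automates HPE's interim mitigation for CVE-2020-7200 on a Windows HPE SIM 7.6 host.
This is not HPE's code. Assumed values (verify them on your server before running):
  - $SimHome      default install directory
  - $ServiceName  display name of the SIM Windows service
  - $SimPort      HTTPS port the SIM web UI listens on
#>
#Requires -RunAsAdministrator
param(
    [string]$SimHome     = 'C:\Program Files\HP\Systems Insight Manager',
    [string]$ServiceName = 'HP Systems Insight Manager',
    [int]   $SimPort     = 50000
)
$ErrorActionPreference = 'Stop'

# The Federated Search web application is deployed inside SIM's embedded JBoss (assumed paths).
$war    = Join-Path $SimHome 'jboss\server\hpsim\deploy\simsearch.war'
$mxtool = Join-Path $SimHome 'bin\mxtool.exe'
$backup = Join-Path $env:ProgramData ("simsearch.war.{0:yyyyMMdd-HHmmss}.bak" -f (Get-Date))

foreach ($p in $war, $mxtool) {
    if (-not (Test-Path $p)) { throw "Expected file not found: $p (non-default install? pass -SimHome)" }
}

function Wait-ServiceStatus {
    param([System.ServiceProcess.ServiceController]$Service, [string]$Status)
    $Service.WaitForStatus($Status, [TimeSpan]::FromMinutes(5))   # throws on timeout
}

# 1. Stop the HP SIM service so JBoss releases its lock on the WAR file.
$svc = Get-Service -DisplayName $ServiceName
if ($svc.Status -ne 'Stopped') {
    Stop-Service -InputObject $svc -Force
    Wait-ServiceStatus -Service $svc -Status 'Stopped'
}

# 2. Remove simsearch.war. Move it instead of deleting it so a rollback is possible.
Move-Item -Path $war -Destination $backup
Write-Host "simsearch.war moved to $backup"

# 3. Restart the service and wait until the web UI port answers again; mxtool needs SIM running.
Start-Service -InputObject $svc
Wait-ServiceStatus -Service $svc -Status 'Running'
$deadline = (Get-Date).AddMinutes(10)
while (-not (Test-NetConnection -ComputerName 'localhost' -Port $SimPort -InformationLevel Quiet -WarningAction SilentlyContinue)) {
    if ((Get-Date) -gt $deadline) { throw "SIM did not start listening on port $SimPort within 10 minutes" }
    Start-Sleep -Seconds 15
}

# 4. Remove the federated search tool definitions. The path tools\multi-cms-search.xml is relative
#    to the SIM home directory, so run mxtool from there. The bulletin's "1>nul 2>nul" merely
#    discards output; here it is kept so a failure is visible and the exit code is checked.
Push-Location $SimHome
try {
    & $mxtool -r -f 'tools\multi-cms-search.xml'
    if ($LASTEXITCODE -ne 0) { throw "mxtool exited with code $LASTEXITCODE" }
} finally {
    Pop-Location
}

# 5. Confirm the web application did not come back after the restart.
if (Test-Path $war) { throw "simsearch.war is present again; JBoss may have redeployed it" }
Write-Host "Mitigation applied. Federated Search is unavailable until HPE's patch is installed."
```

Run the script on each SIM 7.6 server from an elevated PowerShell session, passing -SimHome if SIM is installed somewhere other than the assumed default. The backup copy of simsearch.war is kept only so the change can be rolled back; do not restore it once HPE's patch is installed, since the patched release will ship its own version of the component. After running, confirm in the SIM web UI that the Federated Search and Federated CMS Configuration options are no longer offered.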