CVE-2025-37149

6.0 MEDIUM

📋 TL;DR

An out-of-bounds read vulnerability in HPE ProLiant RL300 Gen11 Server UEFI firmware could allow attackers to read sensitive memory contents. This affects organizations using these specific HPE servers with vulnerable firmware versions. The vulnerability requires local access to exploit.

💻 Affected Systems

Products:
  • HPE ProLiant RL300 Gen11 Server
Versions: Specific firmware versions as detailed in HPE advisory
Operating Systems: Any OS running on affected hardware
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects HPE ProLiant RL300 Gen11 servers with specific vulnerable UEFI firmware versions. Check HPE advisory for exact version details.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).


Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker with local access could read sensitive data from UEFI memory, potentially exposing credentials, encryption keys, or other protected information that could lead to further system compromise.

🟠 Likely Case

Information disclosure of limited memory contents, potentially revealing system state information but unlikely to lead directly to full system compromise without additional vulnerabilities.

🟢 If Mitigated

Minimal impact with proper access controls preventing unauthorized local access to servers.

🌐 Internet-Facing: LOW - This vulnerability requires local access to the server and cannot be exploited remotely over the network.
🏢 Internal Only: MEDIUM - While it requires local access, internal attackers or compromised accounts with physical or console access could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access to the server and knowledge of UEFI exploitation techniques. No public exploit code is currently available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to HPE advisory for specific patched firmware version

Vendor Advisory: https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf04952en_us&docLocale=en_US

Restart Required: Yes

Instructions:

1. Download the updated UEFI firmware from HPE Support.
2. Follow HPE's firmware update procedures for ProLiant RL300 Gen11 servers.
3. Apply the firmware update.
4. Reboot the server to complete the update.

🔧 Temporary Workarounds

Restrict physical and console access (applies to: all)

Limit physical access to servers and restrict console/management interface access to authorized personnel only.

Implement strict access controls (applies to: all)

Ensure only authorized administrators have local access to servers and implement multi-factor authentication for management interfaces.

🧯 If You Can't Patch

  • Isolate affected servers in secure data centers with strict physical access controls
  • Monitor for unauthorized access attempts and implement enhanced logging of local access events

🔍 How to Verify

Check if Vulnerable:

Check the current UEFI firmware version via the iLO interface or HPE System Management Homepage and compare it against the vulnerable versions listed in the HPE advisory.

Check Version:

From iLO or system management interface: show /system1/firmware1

Verify Fix Applied:

Verify that the UEFI firmware version has been updated to the patched version specified in the HPE advisory.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized local access attempts
  • Unexpected firmware access or modification events
  • System management interface authentication failures

Network Indicators:

  • Unusual outbound traffic from management interfaces
  • Unauthorized access to iLO/management network segments

SIEM Query:

source="ilo_logs" AND (event_type="authentication_failure" OR event_type="firmware_access")
