What is CVE-2023-50272?

A significant vulnerability has been identified in HPE Integrated Lights-Out 5 and 6. This high-severity issue could allow remote authentication bypass. Immediate patching is critical to mitigate potential risks.

What is the severity of CVE-2023-50272?

CVE-2023-50272 has a severity rating of HIGH with a CVSS base score of 7.5.

CVE-2023-50272 | High Vulnerability in HPE Integrated Lights-Out

A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 6 (iLO 6). This vulnerability allows remote exploitation that could lead to authentication bypass, posing significant risks to affected systems.

The severity of this vulnerability is classified as high, with a CVSS score of 7.5. This indicates a serious risk to organizations that utilize these systems, as attackers could potentially exploit the vulnerability to gain unauthorized access.

Given the nature of the issue, organizations should prioritize patching immediately. Exploitation is plausible, and the potential impact on confidentiality and integrity is significant.

Current intelligence indicates no known public exploits or proof of concepts available, but this does not mitigate the urgency for remediation.

Vulnerability Details

The vulnerability identified in HPE Integrated Lights-Out firmware versions 5 and 6 could be exploited remotely, allowing attackers to bypass authentication mechanisms. The CVSS score from the NVD indicates a critical level of risk, with a base score of 9.8 and a severity classification of critical. This reflects substantial potential impacts across confidentiality, integrity, and availability.

Affected versions include integrated_lights-out_5_firmware with versions ranging from 2.63 to 3.00 and integrated_lights-out_6_firmware from 1.05 to 1.55. The official disclosure date was December 19, 2023.

Technical Analysis

The root cause of this vulnerability stems from inadequate authentication checks in the affected firmware, which enables attackers to initiate unauthorized sessions. The attack vector is network-based, with a high complexity requirement, meaning that while exploitation is feasible, it may require a sophisticated approach.

Exploitation does not require any user interaction and can occur without prior privileges, leading to potential unauthorized access. The impacts on confidentiality are low, but integrity could be significantly compromised, as attackers may alter configurations or settings.

Risk & Impact Analysis

Risk to organizations includes significant potential for unauthorized access and manipulation of critical infrastructure. The blast radius could affect multiple components relying on the compromised firmware, escalating the impact across the organization.

Given the high CVSS score and exploitability assessment, organizations should address this vulnerability in their priority patch cycle. The potential for exploitation can lead to severe consequences, including data breaches and operational disruptions.

The current EPSS score indicates a lower percentile for risk of exploitation; however, organizations should not become complacent. The urgency for remediation remains high.

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

Specific affected versions include integrated_lights-out_5_firmware from 2.63 to 3.00 and integrated_lights-out_6_firmware from 1.05 to 1.55. Organizations should ensure they are not running these versions in their environments to mitigate risks associated with this vulnerability.

Mitigation & Remediation

Organizations should prioritize updating to the latest firmware versions provided by HPE. If an immediate patch is unavailable, consider implementing strict network controls and monitoring to detect any unauthorized access attempts.

For detailed remediation guidance, organizations can refer to the HPE advisory for further instructions on the patching process.

Penetration testing should also be considered to validate the effectiveness of the implemented controls.

Detection Guidance

Monitoring for unauthorized access attempts or unusual behavior on affected systems is crucial. Organizations should review logs regularly and set up alerts for failed login attempts or unexpected access patterns.

AppSecure Threat Intelligence Insight

This vulnerability highlights the need for continuous monitoring and validation of security measures in place. The potential for exploitation underscores the importance of regular updates and adherence to security best practices.

Organizations should also consider reviewing their incident response plans to ensure they can effectively respond to potential breaches stemming from vulnerabilities like this.

For further reading on improving security posture, refer to our article on penetration testing methodology which provides insights into effective security practices.

Additionally, reviewing the vulnerability management program can help organizations to proactively address and manage vulnerabilities.

Lastly, consider integrating regular security assessments based on the latest threat intelligence to enhance overall security resilience.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2023-50272: High Vulnerability in HPE Integrated Lights-Out