CIRT.GY | HPE Security Advisory (October 16th, 2025)

HPE Security Advisory (October 16th, 2025)

Ref# ADV2025_380 | Date: Oct 16th 2025

HPE published security advisories to address vulnerabilities in the following products between October 13 and 15, 2025. It is recommended that you take these necessary precautions by ensuring your products are always updated.

HPE ProLiant RL300 Gen11 – versions prior to v1.78
HPE ProLiant AMD Servers – multiple versions and platforms
HPE Aruba Networking – multiple versions and platforms

For more information on this update, you can follow these URLs:

The Guyana National CIRT recommends that users and administrators review these updates and apply them where necessary.

PDF Download: HPE Security Advisory

References

Hewlett Packard Enterprise. (2025, October 14). HPESBHF04952 Rev.1 – HPE ProLiant RL300 Gen11 Server, Out-of-Bound reads vulnerability. https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf04952en_us&docLocale=en_US
Hewlett Packard Enterprise. (2025, October 14). HPESBHF04956 Rev.1 – Certain HPE ProLiant AMD servers using certain AMD EPYC processors, AMD-SB-3020: SEV-SNP RMP Initialization vulnerability, Local Unauthorized Access vulnerability. https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf04956en_us&docLocale=en_US
Hewlett Packard Enterprise. (2025, October 14). HPESBNW04957 Rev.1 – HPE Aruba Networking AOS-10 and AOS-8 Mobility Conductor, Controllers, and Gateways, Multiple Vulnerabilities. https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us&docLocale=en_US
Hewlett Packard Enterprise. (2025, October 15). HPESBNW04958 Rev.1 – HPE Aruba Networking AOS-8 Instant AP and AOS-10 AP, Multiple Vulnerabilities. https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04958en_us&docLocale=en_US
Hewlett Packard Enterprise. (n.d.). Security Bulletin Library | HPE Support. https://support.hpe.com/connect/s/securitybulletinlibrary?language=en_US#sort=%40hpescuniversaldate%20descending&layout=table&numberOfResults=25&f:@kmdoclanguagecode=[cv1871440]&hpe=1
HPE Security Advisory. (October 16^th, 2025). Retrieved from Canadian Centre for Cyber Security. https://www.cyber.gc.ca/en/alerts-advisories/hpe-security-advisory-av25-673