blanchet
Guru
- Joined
- Apr 17, 2018
- Messages
- 516
This is a guide to upgrade HPE iLO4 firmware to fix CVE-2017-12542.
It is a remove vulnerability (details) so it is worth applying the security patch.
iLO is a HPE Baseboard Management Controller (BMC) that equips most of HPE servers. If you have Gen8 or Gen9 HPE servers, (for example the very popular HPE Microserver Gen8), you may be affected.
Procedure:
It is a remove vulnerability (details) so it is worth applying the security patch.
iLO is a HPE Baseboard Management Controller (BMC) that equips most of HPE servers. If you have Gen8 or Gen9 HPE servers, (for example the very popular HPE Microserver Gen8), you may be affected.
Procedure:
- Download the firmware 2.55b from HPE (without registration).
- Get Online ROM Flash Component for Windows x64 - HPE Integrated Lights-Out 4
- Download
cp034895.exe - In spite of HPE instructions, Windows is not required, you can extract the firmware with
unzipfrom Linux or FreeBSD:unzip cp034895.exeto get the firmware fileilo_255.bin
- Connect to the ILO web interface and go the firmware update section.
- Upload
ilo_255.bin - It takes few minutes to upload the file, check signatures and then install the new firmware.
- At the end, iLO reboots.
- Finally, you can login to the new firmware.
- You can apply the procedure on a running system because only iLO reboots, not the computer.
- I have tested this procedure on my HPE Microserver Gen8 and it works perfectly. All iLO settings are preserved.
