Full Report
HPE security advisory (AV26-157)
Analysis Summary
# Vulnerability: Intel Processor Local Denial of Service in Certain HPE SimpiVity Servers
## CVE Details
- CVE ID: Not explicitly provided in the text snippet, but referenced under **HPESBHF04864 rev.1** related to **INTEL-SA-01244**.
- CVSS Score: Not explicitly provided in the text snippet.
- CWE: Local Denial of Service Vulnerability (Implied by reference)
## Affected Systems
- Products: HPE SimpliVity 380 Gen11 servers using Certain Intel Processors.
- Versions: Versions prior to SimpliVity Support Pack (SVTSP) Gen11 v2025\_1001.
- Configurations: Dependent on specific Intel Processors being utilized.
## Vulnerability Description
The advisory references an Intel Processor Advisory (INTEL-SA-01244) concerning a **Local Denial of Service Vulnerability** affecting certain HPE SimpiVity servers running specific Intel Processors. This is related to the processing capabilities of the underlying CPU microcode/firmware, not necessarily the host application layer itself. (Note: Specific technical details require consulting the linked advisories.)
## Exploitation
- Status: Unknown based on this summary, but likely risk is elevated due to Intel Advisory linkage.
- Complexity: Unknown.
- Attack Vector: Local (Implies access to the system, likely via a locally authenticated user or process).
## Impact
- Confidentiality: Unknown (Likely low if strictly DoS).
- Integrity: Unknown.
- Availability: Likely High (Due to the Denial of Service nature).
## Remediation
### Patches
- HPE SimpliVity 380 Gen11: Update to **SimpliVity Support Pack (SVTSP) Gen11 v2025\_1001** or later.
### Workarounds
- No specific workarounds were detailed in this summary excerpt, but users should consult **HPESBHF04864 rev.1** and **INTEL-SA-01244**.
## Detection
- Indicators of compromise: Not detailed in this summary.
- Detection methods and tools: Monitoring system stability and investigating CPU-related error logs corresponding to the vulnerability window may be relevant.
## References
- Vendor Advisories:
- HPESBHF04864 rev.1
- INTEL-SA-01244 (Intel Processor Advisory)
- Relevant links:
- hxxps://support.hpe.com/hpesc/public/docDisplay?docId=hpesbhf04864en_us&docLocale=en_US
- hxxps://support.hpe.com/connect/s/securitybulletinlibrary?language=en_US