Full Report
HPE security advisory (AV26-234)
Analysis Summary
# Vulnerability: Local Escalation of Privilege in HPE Compute Scale-up Server 3200
## CVE Details
- **CVE ID:** CVE-2023-38602 (Associated with INTEL-SA-01396)
- **CVSS Score:** 7.5 (High)
- **CWE:** CWE-284 (Improper Access Control)
## Affected Systems
- **Products:** HPE Compute Scale-up Server 3200
- **Versions:** All firmware versions prior to v1.70.74
- **Configurations:** Systems utilizing certain Intel processors (Intel 2026.1 IPU cycle)
## Vulnerability Description
The vulnerability stems from improper access control in the firmware for certain Intel processors used in the HPE Compute Scale-up Server 3200 platform. A local attacker may be able to exploit this flaw to bypass security restrictions, potentially leading to an escalation of privileges, data leakage, or unauthorized modification of system settings.
## Exploitation
- **Status:** No reports of exploitation in the wild at the time of advisory; PoC not publicly disclosed.
- **Complexity:** Medium
- **Attack Vector:** Local (Requires authenticated access to the system)
## Impact
- **Confidentiality:** High (Potential unauthorized access to sensitive data)
- **Integrity:** High (Potential unauthorized modification of system firmware/settings)
- **Availability:** High (Potential for system instability or denial of service)
## Remediation
### Patches
HPE has released firmware updates to mitigate this vulnerability. Users are advised to upgrade to the following version:
- **HPE Compute Scale-up Server 3200:** Update to version **v1.70.74** or later.
### Workarounds
No specific non-patch workarounds have been provided by the vendor. The primary mitigation is the application of the updated firmware.
## Detection
- **Indicators of compromise:** Monitor for unusual administrative activity or unauthorized changes to system firmware settings.
- **Detection methods and tools:** Audit system logs for privilege escalation attempts and verify current firmware versions against the recommended baseline using HPE Integrated Lights-Out (iLO) or HPE OneView.
## References
- **HPE Security Advisory:** hxxps[://]support[.]hpe[.]com/hpesc/public/docDisplay?docId=hpesbhf05024en_us&docLocale=en_US
- **Intel Security Advisory:** hxxps[://]www[.]intel[.]com/content/www/us/en/security-center/advisory/intel-sa-01396[.]html
- **HPE Security Bulletin Library:** hxxps[://]support[.]hpe[.]com/connect/s/securitybulletinlibrary?language=en_US