HPE security advisory (AV26-333)
Analysis Summary
# Vulnerability: Multiple BIOS/Firmware Vulnerabilities in HPE Scalable Servers (Intel 2025.3 IPU)
## CVE Details
*Note: The advisory refers to Intel-SA-01234. The full Intel IPU carries the complete CVE list; this summary focuses on the UEFI/BIOS integrity issues.*
- **CVE ID:** CVE-2024-21844, CVE-2024-23918, CVE-2024-21820 (and others associated with Intel-SA-01234)
- **CVSS Score:** Up to 8.2 (High)
- **CWE:** CWE-20 (Improper Input Validation), CWE-122 (Heap-based Buffer Overflow)
## Affected Systems
- **Products:**
  - HPE Superdome Flex server
  - HPE Superdome Flex 280 server
  - HPE Compute Scale-Up Server 3200 Platform
- **Versions:**
  - Superdome Flex: versions prior to v4.10.18
  - Superdome Flex 280: versions prior to v2.05.12
  - Compute Scale-Up Server 3200: versions prior to v1.60.88
- **Configurations:** Systems utilizing Intel processors and UEFI Reference Firmware impacted by the 2025.3 Intel Platform Update (IPU).
## Vulnerability Description
These vulnerabilities stem from the UEFI reference firmware and Intel processor BIOS. Technical flaws include improper input validation and buffer overflows within the BIOS/firmware components. If triggered, these flaws can allow an attacker to execute arbitrary code or escalate privileges during the pre-boot or runtime phase via the System Management Mode (SMM), potentially bypassing operating system security controls.
## Exploitation
- **Status:** Potential for exploitation; no widespread "in the wild" reports confirmed for these specific HPE implementations at the time of advisory.
- **Complexity:** Medium to High (often requires local administrative access or specific system configurations to trigger).
- **Attack Vector:** Local (typically requires an attacker to have authenticated access to the host OS to interact with firmware interfaces).
## Impact
- **Confidentiality:** High (Potential access to memory and sensitive encryption keys)
- **Integrity:** High (Firmware-level persistence and modification of OS-level security features)
- **Availability:** High (Potential to render the system unbootable or cause system crashes)
## Remediation
### Patches
HPE recommends updating to the following firmware versions or later:
- **HPE Superdome Flex:** Update to **v4.10.18**
- **HPE Superdome Flex 280:** Update to **v2.05.12**
- **HPE Compute Scale-Up Server 3200:** Update to **v1.60.88**
### Workarounds
- No specific workarounds are provided; BIOS/Firmware updates are the only definitive resolution for these hardware-level vulnerabilities.
- Ensure strict access control to the operating system to prevent unauthorized local users from interacting with the BIOS/UEFI interfaces.
## Detection
- **Indicators of Compromise:** Unexpected or unauthorized modifications to BIOS settings, or firmware updates that were not scheduled through change control.
- **Detection Methods and Tools:** Use HPE Integrated Lights-Out (iLO) or HPE management software to verify current firmware versions against the recommended secure versions.
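An added triage helper (not HPE's own tooling) that compares an exported firmware inventory against the fixed versions listed under Patches. The inventory records are constructed, and the parser assumes dotted numeric version strings of the form shown in this advisory.

```python
"""Triage a firmware inventory against the fixed versions in this advisory.

Added example, not HPE tooling. Product names and minimum fixed versions
come from the advisory text; the inventory records below are constructed.
"""
import re
from typing import Iterable

# Minimum fixed firmware version per affected product (from the advisory).
FIXED_VERSIONS = {
    "HPE Superdome Flex": "v4.10.18",
    "HPE Superdome Flex 280": "v2.05.12",
    "HPE Compute Scale-Up Server 3200": "v1.60.88",
}

def parse_version(text: str) -> tuple:
    """Turn 'v4.10.18' (or '4.10.18', '4.10.18.0') into a comparable tuple.

    Components compare numerically, so 1.60.9 < 1.60.88 (a plain string
    comparison gets this wrong). Trailing zero components are dropped so
    that 2.05.12 and 2.05.12.0 compare equal.
    """
    m = re.fullmatch(r"[vV]?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

def triage(inventory: Iterable[dict]) -> list:
    """Return one (host, status, detail) finding per inventory record."""
    findings = []
    for rec in inventory:
        fixed = FIXED_VERSIONS.get(rec["product"])
        if fixed is None:  # not one of the platforms named in the advisory
            findings.append((rec["host"], "not-in-scope", rec["product"]))
            continue
        try:
            current = parse_version(rec["firmware"])
        except ValueError as exc:  # unparsable string: flag for manual review
            findings.append((rec["host"], "unknown", str(exc)))
            continue
        status = "vulnerable" if current < parse_version(fixed) else "patched"
        findings.append((rec["host"], status, f"{rec['firmware']} vs fixed {fixed}"))
    return findings

# Constructed sample inventory, e.g. as exported from iLO or management software.
SAMPLE_INVENTORY = [
    {"host": "sdf-01", "product": "HPE Superdome Flex", "firmware": "v4.09.30"},
    {"host": "sdf-02", "product": "HPE Superdome Flex", "firmware": "4.10.18"},
    {"host": "sdf280-01", "product": "HPE Superdome Flex 280", "firmware": "v2.05.12.0"},
    {"host": "su3200-01", "product": "HPE Compute Scale-Up Server 3200", "firmware": "v1.60.9"},
    {"host": "other-01", "product": "Unlisted platform (constructed)", "firmware": "1.0"},
]

if __name__ == "__main__":
    for host, status, detail in triage(SAMPLE_INVENTORY):
        print(f"{host:10} {status:12} {detail}")
```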
## References
- HPE Security Bulletin: [hxxps://support.hpe[.]com/hpesc/public/docDisplay?docId=hpesbhf05030en_us&docLocale=en_US]
- HPE Security Bulletin Library: [hxxps://support.hpe[.]com/connect/s/securitybulletinlibrary?language=en_US]
- Canadian Centre for Cyber Security Advisory: [hxxps://www.cyber.gc[.]ca/en/alerts-advisories/hpe-security-advisory-av26-333]