Multiple vulnerabilities in HPE Synergy Servers using Certain Intel Processor BIOS



Published: 2023-03-21
Risk: Low
Patch available: YES
Number of vulnerabilities: 11
CVE-ID: CVE-2021-0154, CVE-2021-0153, CVE-2021-33123, CVE-2021-0190, CVE-2021-33122, CVE-2021-0189, CVE-2021-33124, CVE-2021-33103, CVE-2021-0159, CVE-2021-0188, CVE-2021-0155
CWE-ID: CWE-20, CWE-787, CWE-284, CWE-248, CWE-691, CWE-823, CWE-441, CWE-466, CWE-252
Exploitation vector: Local
Public exploit: N/A
Vulnerable software
HPE Synergy 680 Gen9 Compute Module
Hardware solutions / Firmware

HPE Synergy 660 Gen9 Compute Module
Hardware solutions / Firmware

HPE Synergy 620 Gen9 Compute Module
Hardware solutions / Firmware

HPE Synergy 480 Gen9 Compute Module
Hardware solutions / Firmware

HPE Synergy 660 Gen10 Compute Module
Hardware solutions / Firmware

HPE Synergy 480 Gen10 Compute Module
Hardware solutions / Firmware

HPE Synergy 480 Gen10 Plus Compute Module
Other software / Other software solutions

Vendor: HPE

Security Bulletin

This security bulletin contains information about 11 vulnerabilities.

1) Input validation error

EUVDB-ID: #VU63081

Risk: Low

CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-0154

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of user-supplied input in the BIOS firmware. A local user can escalate privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

HPE Synergy 680 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 620 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 480 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Plus Compute Module: before 1.60_06_01_2022

External links

http://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04292en_us


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds write

EUVDB-ID: #VU63082

Risk: Low

CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-0153

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the BIOS firmware. A local user can run a specially crafted program to trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

HPE Synergy 680 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 620 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 480 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Plus Compute Module: before 1.60_06_01_2022

External links

http://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04292en_us


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper access control

EUVDB-ID: #VU63083

Risk: Low

CVSSv3.1: 6.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-33123

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper access restrictions in the BIOS authenticated code module. A local user can obtain elevated privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

HPE Synergy 680 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 620 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 480 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Plus Compute Module: before 1.60_06_01_2022

External links

http://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04292en_us


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Uncaught Exception

EUVDB-ID: #VU63099

Risk: Low

CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-0190

CWE-ID: CWE-248 - Uncaught Exception

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an uncaught exception in the BIOS firmware. A local user can run a specially crafted program to execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

HPE Synergy 680 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 620 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 480 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Plus Compute Module: before 1.60_06_01_2022

External links

http://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04292en_us


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Insufficient Control Flow Management

EUVDB-ID: #VU63175

Risk: Low

CVSSv3.1: 6.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-33122

CWE-ID: CWE-691 - Insufficient Control Flow Management

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient control flow management in the BIOS firmware. A local user can run a specially crafted program to execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

HPE Synergy 680 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 620 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 480 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Plus Compute Module: before 1.60_06_01_2022

External links

http://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04292en_us


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use of Out-of-range Pointer Offset

EUVDB-ID: #VU63176

Risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-0189

CWE-ID: CWE-823 - Use of Out-of-range Pointer Offset

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to the use of an out-of-range pointer offset in the BIOS firmware. A local user can execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

HPE Synergy 680 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 620 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 480 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Plus Compute Module: before 1.60_06_01_2022

External links

http://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04292en_us


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Out-of-bounds write

EUVDB-ID: #VU63177

Risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-33124

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the BIOS authenticated code module. A local user can run a specially crafted program to trigger an out-of-bounds write error and execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

HPE Synergy 680 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 620 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 480 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Plus Compute Module: before 1.60_06_01_2022

External links

http://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04292en_us


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Unintended proxy or intermediary

EUVDB-ID: #VU63178

Risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-33103

CWE-ID: CWE-441 - Unintended Proxy or Intermediary ('Confused Deputy')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to the presence of an unintended proxy in the BIOS authenticated code module. A local user can execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

HPE Synergy 680 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 620 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 480 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Plus Compute Module: before 1.60_06_01_2022

External links

http://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04292en_us


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Input validation error

EUVDB-ID: #VU63179

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-0159

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of user-supplied input in the BIOS authenticated code module. A local user can pass specially crafted data to the affected module and execute arbitrary code on the system with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

HPE Synergy 680 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 620 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 480 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Plus Compute Module: before 1.60_06_01_2022

External links

http://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04292en_us


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Return of pointer value outside of expected range

EUVDB-ID: #VU63180

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-0188

CWE-ID: CWE-466 - Return of pointer value outside of expected range

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a boundary error in the BIOS firmware. A local user can force the firmware to return a pointer value outside of the expected range and gain access to potentially sensitive information.


Mitigation

Install update from vendor's website.

Vulnerable software versions

HPE Synergy 680 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 620 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 480 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Plus Compute Module: before 1.60_06_01_2022

External links

http://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04292en_us


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Unchecked Return Value

EUVDB-ID: #VU63181

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-0155

CWE-ID: CWE-252 - Unchecked Return Value

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to an unchecked return value in the BIOS firmware. A local user can gain access to potentially sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

HPE Synergy 680 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 620 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 480 Gen9 Compute Module: before 2.96_05_17_2022

HPE Synergy 660 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Compute Module: before 2.66_06_01_2022

HPE Synergy 480 Gen10 Plus Compute Module: before 1.60_06_01_2022

External links

http://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04292en_us


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


