Risk | Low |
Patch available | YES |
Number of vulnerabilities | 11 |
CVE-ID | CVE-2021-46769 CVE-2021-26354 CVE-2021-26371 CVE-2021-26379 CVE-2021-46763 CVE-2021-46756 CVE-2021-46775 CVE-2021-46764 CVE-2023-20520 CVE-2021-26356 CVE-2021-46762 |
CWE-ID | CWE-20 CWE-119 CWE-401 CWE-787 CWE-121 CWE-367 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software |
Cray EX235a Other software / Other software solutions |
Vendor | HPE |
Security Bulletin
This security bulletin contains information about 11 vulnerabilities.
EUVDB-ID: #VU75920
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-46769
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient syscall validation in the ASP Bootloader. A local privileged user can execute arbitrary DMA copies and escalate privileges on the system.
Install update from vendor's website.
Vulnerable software versionsCray EX235a: before 1.6.2
CPE2.3 External linkshttp://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04455en_us
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75923
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-26354
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in ASP. A malicious process can issue a system call from a compromised ABL, which can cause arbitrary memory values to be initialized to zero, leading to loss of integrity and a potential crash.
Install update from vendor's website.
Vulnerable software versionsCray EX235a: before 1.6.2
CPE2.3 External linkshttp://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04455en_us
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75981
Risk: Low
CVSSv3.1: 3.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-26371
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due memory leak. A compromised or malicious ABL or UApp can send a SHA256 system call to the bootloader and expose ASP memory to userspace.
MitigationInstall update from vendor's website.
Vulnerable software versionsCray EX235a: before 1.6.2
CPE2.3 External linkshttp://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04455en_us
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75982
Risk: Low
CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-26379
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient input validation of mailbox data in the SMU. A local user can coerce the SMU to corrupt SMRAM and execute arbitrary code with elevated privileges.
Install update from vendor's website.
Vulnerable software versionsCray EX235a: before 1.6.2
CPE2.3 External linkshttp://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04455en_us
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75986
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-46763
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in the SMU. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
Install update from vendor's website.
Vulnerable software versionsCray EX235a: before 1.6.2
CPE2.3 External linkshttp://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04455en_us
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75985
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-46756
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation in SVC_MAP_USER_STACK in the ASP (AMD Secure Processor) bootloader. A local user with a malicious Uapp or ABL can send malformed or invalid syscall to the bootloader and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsCray EX235a: before 1.6.2
CPE2.3 External linkshttp://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04455en_us
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75988
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-46775
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in ABL. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
Install update from vendor's website.
Vulnerable software versionsCray EX235a: before 1.6.2
CPE2.3 External linkshttp://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04455en_us
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75987
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-46764
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation of DRAM addresses in SMU. A local user can overwrite sensitive memory locations within the ASP and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsCray EX235a: before 1.6.2
CPE2.3 External linkshttp://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04455en_us
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75992
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-20520
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in ASP Bootloader. A local user can trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Install update from vendor's website.
Vulnerable software versionsCray EX235a: before 1.6.2
CPE2.3 External linkshttp://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04455en_us
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75925
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-26356
CWE-ID:
CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a race condition in ASP bootloader. A local user can tamper with the SPI ROM, corrupt S3 data and gain access to sensitive information.
Install update from vendor's website.
Vulnerable software versionsCray EX235a: before 1.6.2
CPE2.3 External linkshttp://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04455en_us
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75990
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-46762
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in the SMU. A local user can corrupt SMU SRAM and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsCray EX235a: before 1.6.2
CPE2.3 External linkshttp://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04455en_us
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.