HPE Cray and ProLiant XL servers update for AMD EPYC firmware
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2023-31315 |
| CWE-ID | CWE-264 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
HPE ProLiant XL675d Gen10 Plus Hardware solutions / Firmware HPE ProLiant XL645d Gen10 Plus Hardware solutions / Firmware Cray EX425 Hardware solutions / Firmware Cray EX255a Hardware solutions / Firmware Cray EX4252 Server applications / Other server solutions Cray EX235n Server applications / Other server solutions Cray EX235a Other software / Other software solutions |
| Vendor | HPE |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU96619
Risk: Low
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-31315
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper validation in a model specific register (MSR). A malicious application with ring0 access can modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution.
MitigationInstall update from vendor's website.
Vulnerable software versionsHPE ProLiant XL675d Gen10 Plus: before 3.20_08-07-2024
HPE ProLiant XL645d Gen10 Plus: before 3.20_08-07-2024
Cray EX4252: before 1.7.0
Cray EX425: before 1.7.5
Cray EX255a: before 1.1.0
Cray EX235n: before 1.5.0
Cray EX235a: before 1.9.0
CPE2.3- cpe:2.3:h:hpe:hpe_proliant_xl675d_gen10_plus:*:*:*:*:*:*:*:*
- cpe:2.3:h:hpe:hpe_proliant_xl645d_gen10_plus:*:*:*:*:*:*:*:*
- cpe:2.3:a:hpe:cray_ex4252_compute_blade:*:*:*:*:*:*:*:*
- cpe:2.3:h:hpe:cray_ex425_server:*:*:*:*:*:*:*:*
- cpe:2.3:h:hpe:cray_ex255a:*:*:*:*:*:*:*:*
- cpe:2.3:a:hpe:cray_ex235n_server:*:*:*:*:*:*:*:*
- cpe:2.3:a:hpe:cray_ex235a_accelerator_blade:*:*:*:*:*:*:*:*
https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbcr04683en_us
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
