9 matches found
EUVD-2020-28341
Malware in sbrugna...
CVE-2020-7207
A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine IE. This attack requires a physical attack to the server motherboard. To mitigate this issue, ensure your server is always physically secured. HPE will...
CVE-2021-29213
A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROMs prior to version 2.52. The vulnerability could be locally exploited to cause disclosure of sensitiv...
Privilege escalation
A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine IE. This attack requires a physical attack to the server motherboard. To mitigate this issue, ensure your server is always physically secured. HPE will...
CVE-2020-7207
CVE-2020-7207 affects HPE ProLiant Gen10 servers with Intel Innovation Engine. The vulnerability enables local privilege escalation via physical access to the server motherboard. Root cause: compromised access to hardware/platform state enables elevation of privileges; impact includes high confid...
HPESBHF04020 rev.2 - HPE insmod and GRUB2 vulnerability, Local Arbitrary Code Execution
Potential Security Impact: Local: Arbitrary Code Execution SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Intelligent Provisioning Gen10 and Gen10 Plus Servers - v3.30.226, v3.46, Gen9 - Prior to 2.82, Gen8 - Prior to 1.72 HPE Service Pack for ProLiant Prior to Version 2020.03.2...
HPESBHF03972 rev.3 - HPE ProLiant, Synergy, Edgeline and Apollo Gen10 Server Platform using TPM, Remote Disclosure of Information
Potential Security Impact: Local: Disclosure of Information; Remote: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Synergy 660 Gen10 Compute Module - Prior to 73.20 HPE ProLiant XL230k Gen10 Server - Prior to 73.20 HPE ProLiant XL190r Gen10 Server -...
HPESBHF03932 rev.2 - HPE Products using certain Intel UEFI Reference Code, Local Escalation of Privilege, Denial of Service Vulnerabilities
Potential Security Impact: Local: Denial of Service DoS, Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant DL360 Gen10 Server Firmware prior to 2.04 04/18/2019 HPE ProLiant DL160 Gen10 Server Firmware prior to 2.04 04/18/2019 HPE ProLiant DL180...
HPESBHF03914 rev.1 - Certain HPE Servers with Intel Server Platform Services (SPS) Firmware, Multiple Local Vulnerabilities
Potential Security Impact: Local: Authentication Bypass, Denial of Service DoS, Execution of Arbitrary Code SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE ProLiant DL380 Gen10 Server Prior to Server Platform Services SPS 04.01.04.2512 Apr 2019 HPE ProLiant DL360 Gen10 Server...