CIRT.GY | HPE Security Advisory (December 6th, 2025)

HPE Security Advisory (December 6th, 2025)

Ref# ADV2025_405 | Date: Dec 8th 2025

HPE published a security advisory highlighting vulnerabilities in the following product on December 5th, 2025. It is recommended that you take the necessary precautions by ensuring your product is always updated.

HPE Cray XD670 – versions prior to v2.06

For more information on this update, you can follow these URLs:

HPESBCR04979 rev.1 – HPE Cray XD670 Server Using Certain Intel Processors, INTEL-SA-01280, 2025.3 IPU, Intel Chipset Firmware Advisory, Multiple Vulnerabilities

HPESBCR04980 rev.1 – HPE Cray XD670 Server Using Certain Intel Processors, INTEL-SA-01312, Intel TDX Module Advisory, Multiple Vulnerabilities

HPESBCR04981 rev.1 – HPE Cray XD670 Server Using Certain Intel Processors, INTEL-SA-01313, 2025.3 IPU, Intel Xeon Processor Firmware Advisory, Multiple Vulnerabilities

HPESBCR04982 rev.1 – HPE Cray XD670 Server Using UEFI, Multiple Vulnerabilities

HPE Security Bulletin Library

The Guyana National CIRT recommends that users and administrators review this update and apply it where necessary.

References

HPE Security Advisory (December 5th, 2025). Retrieved from HPE. https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbcr04979en_us&docLocale=en_US#hpesbcr04979-rev-1-hpe-cray-xd670-server-using-cer-0

HPE Security Advisory. (December 5th, 2025). Retrieved from Canadian Centre for Cyber Security. https://www.cyber.gc.ca/en/alerts-advisories/hpe-security-advisory-av25-809