HPE has published a security advisory highlighting vulnerabilities in the following products on March 12th, 2025. It is recommended that you take the necessary precautions by ensuring your products are always updated.
- HPE Cray EX235a Accelerator Blade – versions prior to v2.1.0 (HFP 25.1.2)
- HPE Cray EX235n Server – versions prior to v1.5.1 (HFP 24.10.1)
- HPE Cray EX255a Accelerator Blade – versions prior to v1.4.0 (HFP 25.1.2)
- HPE Cray EX425 Compute Blade – versions prior to v1.7.6 (HFP 24.10.1)
- HPE Cray EX4252 Compute Blade – versions prior to v2.0.1 (HFP 25.1.2)
- HPE ProLiant XL225n Gen10 Plus 1U Node – versions prior to v3.60_01-16-2025
- HPE ProLiant XL645d Gen10 Plus Server – versions prior to v3.40_10-04-2024 (HFP 24.11.0)
- HPE ProLiant XL675d Gen10 Plus Server – versions prior to v3.40_10-04-2024 (HFP 24.11.0)
- HPE Cray XD665 – versions prior to v1.50 On the Portal HPE Cray SC XD665 Firmware Pack 2024.09.00
- HPE Cray XD675 – versions prior to v3.1.5 (HPE Cray SC XD665 Firmware Pack 2024.09.00)
For more information on these updates, you can follow this URL:
HPE Security Bulletin – hpesbcr04827
The Guyana National CIRT recommends that users and administrators review this update and apply it where necessary.
PDF Download: HPE Security Advisory
References