Security Bulletins

Inspur takes security vulnerabilities very seriously and seeks to respond quickly and appropriately. We are working to resolve issues quickly when problems arise, and providing recommendations through security advisories and security notices.

Security Notice (SN): Provide information of general interest about security topics related to Inspur products or the use of Inspur products.

Security Advisory (SA): Provide information about security vulnerabilities identified with Inspur products, including any fixes, workarounds or other actions.

To report an Inspur product vulnerability or find out how vulnerabilities are handled, please visit the Product Security Incident Response page.


LATEST

Security Notice – Statement on the SPF Vulnerability of the inspursystems website

On June 18, 2019, we received an SPF vulnerability of the inspursystems website reported by external security officer sahil kataria. The relevant technical personnel confirmed that the vulnerability exists and…


Security Advisory – BMC ASPEED and some other security vulnerabilities

The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and firmware implement Advanced High-performance Bus (AHB) bridges, which allow arbitrary read and …


Security Notice – Statement on “VoltJockey” and other vulnerabilities of Intel processor

On December 10, 2019, Intel disclosed several potential security vulnerabilities. Intel processor vulnerabilities(CVE-2019-11157和CVE-2019-14607) may allow escalation of privilege…


Security Notice – Statement on Intel Processors Data Leakage Advisory (INTEL-SA-00329)

On January 27, 2020, intel released a security update that disclosed two security vulnerabilities of Intel processors that could lead to information disclosure. CVE numbers are CVE…


Security Notice – Statement On Ripple20 Vulnerabilities

The JSOF research lab has discovered a series of zero-day vulnerabilities in a widely used low-level TCP/IP software library developed by Treck, Inc. The 19 vulnerabilities, given …


Security Notice – Statement On Grub2 Vulnerability Aka BootHole

On July 29th, a researcher disclosed a vulnerability in Linux GRUB2 bootloaders called “BootHole” (CVE-2020-10713). An attacker may use the GRUB 2 flaw to hijack and tamper the GRU…


Security Notice – Statement On Ripple20 Vulnerabilities

The JSOF research lab has discovered a series of zero-day vulnerabilities in a widely used low-level TCP/IP software library developed by Treck, Inc. The 19 vulnerabilities, given …


Security Notice – Statement on Intel TSX Asynchronous Abort (TAA)

On November 12, 2019, Intel disclosed several potential security vulnerabilities. These potential security vulnerabilities may allow escalation of privilege, denial of service or i…


Security Advisory – The Side Channel Vulnerabilities "MDS" of Chips

On May 14, 2019, Intel disclosed four new side channel vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091), Intel unified this series of vulnerabil…


Security Notice – Statement On intel-sa-00295

Potential security vulnerabilities in Intel Converged Security and Manageability Engine (CSME), Intel Server Platform Services (SPS), Intel Trusted Execution Engine (TXE), Intel Active Management Technology (AMT), Intel Standard…


1 2