<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>HPC Pack - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/products/hpc-pack/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Wed, 03 Jan 2024 12:00:00 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/products/hpc-pack/feed.xml" rel="self" type="application/rss+xml"/><item><title>Microsoft HPC Pack Deserialization Vulnerability (CVE-2026-32184)</title><link>https://feed.craftedsignal.io/briefs/2026-04-hpc-deserialization/</link><pubDate>Wed, 03 Jan 2024 12:00:00 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-04-hpc-deserialization/</guid><description>CVE-2026-32184 allows an authorized local attacker to elevate privileges on a Microsoft High Performance Compute Pack (HPC) system through deserialization of untrusted data.</description><content:encoded><![CDATA[<p>CVE-2026-32184 is a critical vulnerability affecting Microsoft High Performance Compute Pack (HPC). An authorized attacker with local access can exploit this vulnerability to elevate their privileges on the system. The root cause lies in the insecure deserialization of untrusted data, allowing the attacker to inject malicious code during the deserialization process. The vulnerability was reported on April 14, 2026. Successful exploitation grants the attacker elevated privileges, potentially leading to full control over the HPC system. This is a significant concern for organizations utilizing Microsoft HPC Pack, as it can compromise the integrity and confidentiality of sensitive data processed on the cluster. Organizations should apply the necessary patches to mitigate this risk.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>Attacker gains authorized local access to an HPC system running Microsoft HPC Pack.</li>
<li>The attacker crafts a malicious serialized object containing code designed for privilege escalation.</li>
<li>The attacker injects this malicious serialized object into a data stream processed by the HPC Pack.</li>
<li>The HPC Pack attempts to deserialize the untrusted data without proper validation.</li>
<li>During deserialization, the injected malicious code is executed.</li>
<li>The attacker gains elevated privileges on the local system.</li>
<li>With elevated privileges, the attacker can access sensitive data, modify system configurations, or install malicious software.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of CVE-2026-32184 allows a local attacker to escalate privileges on a Microsoft HPC Pack system. This can lead to complete compromise of the system, including unauthorized access to sensitive data, modification of critical system configurations, and potential deployment of malware. The impact is especially severe in environments where the HPC Pack processes sensitive research data or manages critical infrastructure. The number of affected organizations depends on the adoption rate of the HPC Pack, but any system left unpatched is vulnerable.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Apply the security update provided by Microsoft for CVE-2026-32184 immediately to patch the deserialization vulnerability in Microsoft High Performance Compute Pack.</li>
<li>Monitor process creation events for unexpected processes launched by the HPC Pack service to detect potential exploitation attempts (see Sigma rule &quot;Detect Suspicious HPC Process Creation&quot;).</li>
<li>Implement strict access control policies to limit the number of users with authorized local access to HPC Pack systems.</li>
<li>Audit the configuration of the HPC pack to detect unauthorized users.</li>
</ul>
]]></content:encoded><category domain="severity">high</category><category domain="type">advisory</category><category>cve-2026-32184</category><category>privilege-escalation</category><category>deserialization</category><category>windows</category></item></channel></rss>