CVE-2020-24637

Published: Dec 11, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

Two vulnerabilities in ArubaOS GRUB2 implementation allows for an attacker to bypass secureboot. Successful exploitation of this vulnerability this could lead to remote compromise of system integrity by allowing an attacker to load an untrusted or modified kernel in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.

Vendor	Product	Versions
n/a	Aruba 9000 Gateway	affected `2.1.0.1` affected `2.2.0.0 and below`
n/a	Aruba 7000 Series Mobility Controllers	affected `6.4.4.23` affected `6.5.4.17` affected `8.2.2.9` affected `8.3.0.13` affected `8.5.0.10` +2 more versions
n/a	Aruba 7200 Series Mobility Controllers	affected `6.4.4.23` affected `6.5.4.17` affected `8.2.2.9` affected `8.3.0.13` affected `8.5.0.10` +2 more versions

References

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04072en_us

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-24637

Description

Affected Products

References