VYPR
Unrated severityNVD Advisory· Published Dec 11, 2020· Updated Aug 4, 2024

CVE-2020-24637

CVE-2020-24637

Description

Two vulnerabilities in ArubaOS GRUB2 implementation allows for an attacker to bypass secureboot. Successful exploitation of this vulnerability this could lead to remote compromise of system integrity by allowing an attacker to load an untrusted or modified kernel in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.

Affected products

2
  • HPE/Aruballm-create
    Range: <= 2.1.0.1, <= 2.2.0.0, <= 6.4.4.23, <= 6.5.4.17, <= 8.2.2.9, <= 8.3.0.13, <= 8.5.0.10, <= 8.6.0.5, <= 8.7.0.0
  • Range: <= 2.1.0.1, <= 2.2.0.0, <= 6.4.4.23, <= 6.5.4.17, <= 8.2.2.9, <= 8.3.0.13, <= 8.5.0.10, <= 8.6.0.5, <= 8.7.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.