CVE-2020-24637
N/A
N/A
Summary
Two vulnerabilities in ArubaOS GRUB2 implementation allows for an attacker to bypass secureboot. Successful exploitation of this vulnerability this could lead to remote compromise of system integrity by allowing an attacker to load an untrusted or modified kernel in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Aruba 9000 Gateway | 2.1.0.1 | affected |
| n/a | Aruba 9000 Gateway | 2.2.0.0 and below | affected |
| n/a | Aruba 7000 Series Mobility Controllers | 6.4.4.23 | affected |
| n/a | Aruba 7000 Series Mobility Controllers | 6.5.4.17 | affected |
| n/a | Aruba 7000 Series Mobility Controllers | 8.2.2.9 | affected |
| n/a | Aruba 7000 Series Mobility Controllers | 8.3.0.13 | affected |
| n/a | Aruba 7000 Series Mobility Controllers | 8.5.0.10 | affected |
| n/a | Aruba 7000 Series Mobility Controllers | 8.6.0.5 | affected |
| n/a | Aruba 7000 Series Mobility Controllers | 8.7.0.0 and below | affected |
| n/a | Aruba 7200 Series Mobility Controllers | 6.4.4.23 | affected |
| n/a | Aruba 7200 Series Mobility Controllers | 6.5.4.17 | affected |
| n/a | Aruba 7200 Series Mobility Controllers | 8.2.2.9 | affected |
| n/a | Aruba 7200 Series Mobility Controllers | 8.3.0.13 | affected |
| n/a | Aruba 7200 Series Mobility Controllers | 8.5.0.10 | affected |
| n/a | Aruba 7200 Series Mobility Controllers | 8.6.0.5 | affected |
| n/a | Aruba 7200 Series Mobility Controllers | 8.7.0.0 and below | affected |
Weaknesses
- remote buffer overflow
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.