CVE-2023-38486
Hardware Root of Trust Bypass in 9200 and 9000 Series Controllers and Gateways
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7.7EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
06 set 2023Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series Controllers and Gateways allows an attacker to bypass security controls which would normally prohibit unsigned kernel images from executing. An attacker can use this vulnerability to execute arbitrary runtime operating systems, including unverified and unsigned OS images.
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N
Produtos afetados
Hewlett Packard Enterprise (HPE) · 9200 Series Mobility Controllers and SD-WAN Gateways, 9000 Series Mobility Controllers and SD-WAN GatewaysQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →