Vulnetix
Try Vulnetix Request Demo
CVE-2020-24637 PUBLISHED CVSS 7.199999809265137 HIGH

Two vulnerabilities in ArubaOS GRUB2 implementation allows for an attacker to bypass secureboot. Successful exploitation of this vulnerability this could lead to remote compromise of system integrity by allowing an attacker to load an untrusted or modified kernel in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.

EPSS 0.52% · 66.8th percentile

Risk Scores

CVSS v3.1
7.199999809265137
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.52%
66.8th percentile

Affected Products

VendorProductVersions
arubanetworkssd-wan2.2.0.0, 0
n/aAruba 9000 Gateway2.1.0.1, 2.2.0.0 and below
n/aAruba 7000 Series Mobility Controllers8.2.2.9, 8.3.0.13, 8.5.0.10
arubanetworksarubaos8.7.0.0, 0, 8.6.0.0
n/aAruba 7200 Series Mobility Controllers8.6.0.5, 8.7.0.0 and below, 6.4.4.23

Timeline

References

Open in Interactive Console →