CVE-2012-0133
First published: Thu Apr 12 2012(Updated: )
HP ProCurve 5400 zl switches with certain serial numbers include a compact flash card that contains an unspecified virus, which might allow user-assisted remote attackers to execute arbitrary code on a PC by leveraging manual transfer of this card.
Credit: hp-security-alert@hp.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HP ProCurve Switch 5400zl Management Module | ||
| HP ProCurve Threat Management Services zl Module | =id116as0hr | |
| HP ProCurve Threat Management Services zl Module | =id116as04p | |
| HP ProCurve Threat Management Services zl Module | =id117as00h | |
| HP ProCurve Threat Management Services zl Module | =id126as0fb | |
| HP ProCurve switch 5406-44g-poe+-4sfpzl | ||
| HP ProCurve switch 5406-48gzl | ||
| HP ProCurve switch 5406zl-44g-poe+/2xg sfp+ v2 | ||
| HP ProCurve switch 5406zl-44g-poe+/4g sfp+ v2 | ||
| HP ProCurve switch 5412-92g-poe+-4sfpzl | ||
| HP ProCurve switch 5412-96gzl | ||
| HP ProCurve switch 5412zl-92g-poe+/4g sfp+ v2 | ||
| HP ProCurve switch 5412zl-92gg-poe+\/2xg sfp+ v2 | ||
| HP ProCurve switch chassis e5406zl | ||
| HP ProCurve switch e5412zl | ||
| HP ProCurve switch chassis e5406zl | ||
| HP ProCurve switch 5412-92g-poe+-4sfpzl |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID CVE-2012-0133 about?
CVE-2012-0133 involves HP ProCurve 5400 zl switches that may ship with a compact flash card containing a virus, potentially allowing attackers to execute arbitrary code on connected PCs.
What is the severity of CVE-2012-0133?
The severity of CVE-2012-0133 is considered critical due to the potential for arbitrary code execution.
How do I fix CVE-2012-0133?
To remediate CVE-2012-0133, remove the compromised compact flash card and ensure that devices are not using it.
Which devices are affected by CVE-2012-0133?
CVE-2012-0133 affects specific models of HP ProCurve 5400 zl switches and associated management modules.
Is user interaction required for CVE-2012-0133 to exploit?
Yes, CVE-2012-0133 requires user-assisted actions to exploit, such as manually transferring the infected compact flash card.
- agent/type
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/hp
- canonical/hp procurve switch 5400zl management module
- canonical/hp procurve threat management services zl module
- version/hp procurve threat management services zl module/id116as0hr
- version/hp procurve threat management services zl module/id116as04p
- version/hp procurve threat management services zl module/id117as00h
- version/hp procurve threat management services zl module/id126as0fb
- canonical/hp procurve switch 5406-44g-poe+-4sfpzl
- canonical/hp procurve switch 5406-48gzl
- canonical/hp procurve switch 5406zl-44g-poe+/2xg sfp+ v2
- canonical/hp procurve switch 5406zl-44g-poe+/4g sfp+ v2
- canonical/hp procurve switch 5412-92g-poe+-4sfpzl
- canonical/hp procurve switch 5412-96gzl
- canonical/hp procurve switch 5412zl-92g-poe+/4g sfp+ v2
- canonical/hp procurve switch 5412zl-92gg-poe+\/2xg sfp+ v2
- canonical/hp procurve switch chassis e5406zl
- canonical/hp procurve switch e5412zl