high
7.2
Advisory Published
Updated

CVE-2020-7207

First published: Thu Nov 05 2020(Updated: )

A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). This attack requires a physical attack to the server motherboard. To mitigate this issue, ensure your server is always physically secured. HPE will not address this issue in the impacted Gen 10 servers listed. HPE recommends using appropriate physical security methods as a compensating control to disallow an attacker from having physical access to the server main circuit board.

Credit: security-alert@hpe.com

Affected SoftwareAffected VersionHow to fix
Hp Apollo 2000 Firmware
Hp Apollo 2000
Hp Apollo 4200 Gen10 Firmware
Hp Apollo 4200 Gen10
Hp Apollo 4500 Firmware
Hp Apollo 4500
Hp Proliant Xl230k Gen10 Firmware
Hp Proliant Xl230k Gen10
Hp Proliant Xl270d Gen10 Firmware
Hp Proliant Xl270d Gen10
Hp Proliant Bl460c Gen10 Firmware
Hp Proliant Bl460c Gen10
Hp Proliant Dl120 Gen10 Firmware
Hp Proliant Dl120 Gen10
Hp Proliant Dl160 Gen10 Firmware
Hp Proliant Dl160 Gen10
Hp Proliant Dl180 Gen10 Firmware
Hp Proliant Dl180 Gen10
Hp Proliant Dl360 Gen10 Firmware
Hp Proliant Dl360 Gen10
Hp Proliant Dl380 Gen10 Firmware
Hp Proliant Dl380 Gen10
Hp Proliant Dl560 Gen10 Firmware
Hp Proliant Dl560 Gen10
Hp Proliant Dl580 Gen10 Firmware
Hp Proliant Dl580 Gen10
Hp Proliant Ml110 Gen10 Firmware
Hp Proliant Ml110 Gen10
Hp Proliant Ml350 Gen10 Firmware
Hp Proliant Ml350 Gen10
Hp Synergy 480 Gen10 Firmware
Hp Synergy 480 Gen10
Hp Synergy 660 Gen10 Firmware
Hp Synergy 660 Gen10
Hp Proliant E910 Firmware
Hp Proliant E910
Hp Proliant Xl170r Gen10 Firmware
Hp Proliant Xl170r Gen10
Hp Proliant Xl190r Gen10 Firmware
Hp Proliant Xl190r Gen10
Hp Proliant Xl450 Gen10 Firmware
Hp Proliant Xl450 Gen10

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the vulnerability ID for this HPE Proliant Gen10 Server vulnerability?

    The vulnerability ID for this HPE Proliant Gen10 Server vulnerability is CVE-2020-7207.

  • What is the severity level of CVE-2020-7207?

    The severity level of CVE-2020-7207 is high.

  • How does CVE-2020-7207 impact HPE Proliant Gen10 Servers?

    CVE-2020-7207 is a local elevation of privilege vulnerability that requires physical access to the server motherboard.

  • How can I mitigate CVE-2020-7207 on my HPE Proliant Gen10 Server?

    To mitigate CVE-2020-7207, ensure that your HPE Proliant Gen10 Server is physically secured.

  • Where can I find more information about CVE-2020-7207?

    You can find more information about CVE-2020-7207 in the official HPE advisory: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04002en_us

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203