CVE-2023-38486: Hardware Root of Trust Bypass in 9200 and 9000 Series Controllers and Gateways
First published: Wed Sep 06 2023(Updated: )
A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series Controllers and Gateways allows an attacker to bypass security controls which would normally prohibit unsigned kernel images from executing. An attacker can use this vulnerability to execute arbitrary runtime operating systems, including unverified and unsigned OS images.
Credit: security-alert@hpe.com security-alert@hpe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Arubanetworks Arubaos | >=8.6.0.0<8.6.0.22 | |
| Arubanetworks Arubaos | >=8.10.0.0<8.10.0.7 | |
| Arubanetworks Arubaos | >=8.11.0.0<8.11.1.1 | |
| Arubanetworks Arubaos | >=10.4.0.0<10.4.0.2 | |
| Arubanetworks 9004 | ||
| Arubanetworks 9004-lte | ||
| Arubanetworks 9012 | ||
| Arubanetworks 9240 | ||
| All of | ||
| Any of | ||
| Arubanetworks Arubaos | >=8.6.0.0<8.6.0.22 | |
| Arubanetworks Arubaos | >=8.10.0.0<8.10.0.7 | |
| Arubanetworks Arubaos | >=8.11.0.0<8.11.1.1 | |
| Arubanetworks Arubaos | >=10.4.0.0<10.4.0.2 | |
| Any of | ||
| Arubanetworks 9004 | ||
| Arubanetworks 9004-lte | ||
| Arubanetworks 9012 | ||
| Arubanetworks 9240 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this ArubaOS secure boot bypass vulnerability?
The vulnerability ID for this ArubaOS secure boot bypass vulnerability is CVE-2023-38486.
What is the severity level of CVE-2023-38486?
The severity level of CVE-2023-38486 is high (6.4).
Which products are affected by CVE-2023-38486?
Affected products include Aruba 9200 and 9000 Series Controllers and Gateways running ArubaOS versions 8.6.0.0 to 8.6.0.22, 8.10.0.0 to 8.10.0.7, 8.11.0.0 to 8.11.1.1, and 10.4.0.0 to 10.4.0.2.
How can an attacker exploit CVE-2023-38486?
An attacker can exploit CVE-2023-38486 to bypass security controls and execute unsigned kernel images on vulnerable Aruba 9200 and 9000 Series Controllers and Gateways.
Is the Arubanetworks 9004, Arubanetworks 9004-lte, Arubanetworks 9012, or Arubanetworks 9240 affected by CVE-2023-38486?
No, the Arubanetworks 9004, 9004-lte, 9012, and 9240 devices are not vulnerable to CVE-2023-38486.
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/references
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/event
- agent/first-publish-date
- agent/description
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/arubanetworks
- canonical/arubanetworks arubaos
- version/arubanetworks arubaos/8.6.0.0
- version/arubanetworks arubaos/8.10.0.0
- version/arubanetworks arubaos/8.11.0.0
- version/arubanetworks arubaos/10.4.0.0
- canonical/arubanetworks 9004
- canonical/arubanetworks 9004-lte
- canonical/arubanetworks 9012
- canonical/arubanetworks 9240