Vulnerability in HP ProCurve 5400 zl Switches Affecting Firmware Integrity
CVE-2012-0133

Currently unrated

Key Information:

Vendor: HP
Status: Procurve Switch 5400zl Management Module; Procurve Switch 5412-96gzl; Procurve Switch Chassis E5406zl; Procurve Switch 5400zl
Vendor: CVE Published:; 12 April 2012

Summary

HP ProCurve 5400 zl switches contain a compact flash card that may harbor an unspecified virus. This virus could facilitate user-assisted remote attacks, enabling attackers to execute arbitrary code on connected PCs when the infected card is manually transferred. Organizations utilizing these switches should ensure that firmware is reviewed and sanitized to prevent potential exploits through infected storage components.

References

http://www.securityfocus.com/archive/1/522288

vendor-advisoryx_refsource_HP

https://exchange.xforce.ibmcloud.com/vulnerabilities/74819

vdb-entryx_refsource_XF

http://secunia.com/advisories/48738

third-party-advisoryx_refsource_SECUNIA

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 12, 2012
Vulnerability Reserved
Dec 13, 2011