Arbitrary Code Execution in HPE Intelligent Provisioning and Service Pack for ProLiant
CVE-2020-7205

6.7 MEDIUM

Summary

A potential security vulnerability exists in HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting Toolkit. Because of improper handling of the insmod command in GRUB2, a local attacker can execute arbitrary code during the boot process. To mitigate this risk, HPE has released updated software versions that include a patched GRUB2 and an updated Forbidden Signature Database (DBX). Users should be aware that once the updated DBX is applied, older images can no longer be booted with Secure Boot enabled. HPE also provides a standalone DBX update tool for Microsoft Windows and Linux systems, which updates the Forbidden Signature Database to protect against the vulnerabilities associated with GRUB2.

Affected Version(s)

HP Intelligent Provisioning Gen8 - Prior to 1.72

HP Intelligent Provisioning Gen9 - Prior to 2.81

HP Intelligent Provisioning Gen10 and Gen10 Plus v3.30 or earlier

References

CVSS V3.1

Score: 6.7
Severity: MEDIUM
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability reserved