← volver
CVE-2025-37147

Secure Boot Bypass allows for Compromise of Hardware Root of Trust

CVSS 7.1 HIGHEPSS 0.1%CWE-290
A Secure Boot Bypass Vulnerability exists in affected Access Points that allows an adversary to bypass the hardware root of trust verification in place to ensure only vendor-signed firmware can execute on the device. An adversary can exploit this vulnerability to run modified or custom firmware on affected Access Points.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Productos afectados
Hewlett Packard Enterprise (HPE) · ArubaOS (AOS)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04958en_us&docLocale=en_US