HPE Aruba Networking AOS-8 Instant and AOS-10 AP Secure Boot Bypass Vulnerability

Vulnerability

A secure boot bypass vulnerability has been identified in HPE Aruba Networking access points running AOS-8 Instant and AOS-10 AP. This vulnerability allows an adversary to bypass the hardware root of trust verification, which is designed to ensure that only vendor-signed firmware can be executed on the device. Exploitation of this vulnerability could enable the execution of modified or custom firmware on the affected access points.

Impact

Exploitation of this vulnerability compromises the hardware root of trust, allowing for the execution of unauthorized firmware on the device.

Remediation

Users are advised to upgrade to AOS-10 AP 10.7.x.x version 10.7.2.0 and above, AOS-10 AP 10.4.x.x version 10.4.1.8 and above, AOS-8 Instant 8.13.x.x version 8.13.1.0 and above, AOS-8 Instant 8.12.x.x version 8.12.0.6 and above, or AOS-8 Instant 8.10.x.x version 8.10.0.17 and above. For assistance, contact HPE Services - Aruba Networking.
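One way to check an AP inventory against the fixed releases listed above, as an added example that is not part of the original advisory. The hostnames, the `_build` suffix on a version string and the status labels are assumptions made for illustration, and every input is assumed to be the firmware version of an AP running AOS-8 Instant or AOS-10 AP.

```python
import re

# Minimum fixed release per branch (major, minor), copied from the Remediation text.
FIXED = {
    (10, 7): (10, 7, 2, 0),   # AOS-10 AP 10.7.x.x
    (10, 4): (10, 4, 1, 8),   # AOS-10 AP 10.4.x.x
    (8, 13): (8, 13, 1, 0),   # AOS-8 Instant 8.13.x.x
    (8, 12): (8, 12, 0, 6),   # AOS-8 Instant 8.12.x.x
    (8, 10): (8, 10, 0, 17),  # AOS-8 Instant 8.10.x.x
}

# Four dotted integers, not embedded in a longer dotted number.
VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)\.(\d+)(?!\d|\.\d)")

def parse_version(text):
    """Return the first four-part version in text as a tuple of ints, or None."""
    m = VERSION_RE.search(text)
    return tuple(int(part) for part in m.groups()) if m else None

def triage(version_text):
    """Classify one firmware version string against the advisory's fixed releases."""
    version = parse_version(version_text)
    if version is None:
        return "unparsed"
    fixed = FIXED.get(version[:2])
    if fixed is None:
        # The advisory names no fixed release for this branch; review by hand.
        return "unlisted-branch"
    # Tuples compare numerically, so 8.10.0.9 sorts below 8.10.0.17.
    return "fixed" if version >= fixed else "upgrade-needed"

def triage_inventory(inventory):
    """Map each hostname to its triage status."""
    return {host: triage(version) for host, version in inventory.items()}

# Constructed sample inventory (hypothetical hostnames and build suffixes).
SAMPLE_INVENTORY = {
    "ap-lobby-01": "10.7.2.0",
    "ap-lobby-02": "10.7.1.1",
    "ap-lab-01": "8.10.0.9_90001",
    "ap-lab-02": "8.10.0.17_90002",
    "ap-warehouse-01": "8.11.2.1",
    "ap-warehouse-02": "n/a",
}

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```
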

Added: Oct 14, 2025, 5:29 PM
Updated: Oct 14, 2025, 10:11 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 3.3
remediation: 0.0
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.