CVE-2020-7205

Name of the Vulnerable Software and Affected Versions HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit (affected versions not specified)

Description A potential security issue has been identified that could allow arbitrary code execution during the boot process. This issue is related to using insmod in GRUB2 in the specific impacted HPE products. HPE has addressed this issue by providing software updates and mitigation information. The updates include a GRUB2 patch and an update to the Forbidden Signature Database (DBX), which will prevent older versions of the affected products from booting with Secure Boot enabled.

Recommendations For HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit, update to the latest version that includes the GRUB2 patch to resolve the issue. Use the provided standalone DBX update tool to update the Forbidden Signature Database (DBX) from within the operating system, which mitigates the GRUB2 issue with insmod enabled.