VMware Response to CVE-2024-22247 (VMSA-2024-0008)
search cancel

VMware Response to CVE-2024-22247 (VMSA-2024-0008)

book

Article ID: 323213

calendar_today

Updated On:

Products

VMware

Issue/Introduction

  • CVE-2024-22247 details a missing authentication and protection mechanism vulnerability that impacts an SD-WAN Edge
  • VMware's response to this vulnerability is documented in VMSA-2024-0008
  • Please ensure that you have reviewed VMSA-2024-0008 before proceeding with the instructions in the article.


Environment

VMware SD-WAN

Resolution


All supported SD-WAN Edge hardware devices are impacted by this vulnerability. This KB documents the mitigation instructions for CVE-2024-22247. For more information, please refer to the VMware Security Advisory VMSA-2024-0008 .

 


Mitigation Instructions by SD-WAN Edge Model:


510/520/540

It is not possible to disable USB boot in these Edge models. However, the vulnerability can be mitigated by limiting physical access to the router to trusted individuals and ensuring no USB devices are physically attached to the device during the activation stage.

610

Enter BIOS by pressing the Del or F2 key when prompted during rebooting.

Disable USB as a storage device

  1. Move the Left/Right arrow key to Advanced
  2. Move the Up/Down arrow key to USB Configuration

image.png

  1. Press Enter
  2. Move the Up/Down arrow key to highlight Disabled

image.png

  1. Press Enter
  2. Press ESC to return the main menu
 

Configure Admin Password  

  1. Move the Left/Right arrow key to Security
  2. Move the Up/Down arrow key to Administrator Password
  3. Press Enter

image.png

  1. Type in a password followed by an ENTER
  2. Confirm the password followed by an ENTER
  3. Press ESC to go back to the main menu


 

Save and reset

  1. Move the Left/Right arrow key to Save & Exit
  2. Move the Up/Down arrow key to Save Changes and Reset
  3. Move the Left/Right arrow key to highlight Yes
  4. Press Enter

image.png




 
 

620/640/680

Enter BIOS by pressing the Del or F2 key when prompted during rebooting.

Disable USB as a storage device

  1. Move the Left/Right arrow key to Advanced
  2. Move the Up/Down arrow key to USB Configuration

image.png

  1. Press Enter
  2. Move the Up/Down arrow key to highlight Disabled

image.png

  1. Press Enter
  2. Press ESC to return the main menu
 

Configure Admin Password  

  1. Move the Left/Right arrow key to Security
  2. Move the Up/Down arrow key to Administrator Password
  3. Press Enter

image.png

  1. Type in a password followed by an ENTER
  2. Confirm the password followed by an ENTER
  3. Press ESC to go back to the main menu


 

Save and reset

  1. Move the Left/Right arrow key to Save & Exit
  2. Move the Up/Down arrow key to Save Changes and Reset
  3. Move the Left/Right arrow key to highlight Yes
  4. Press Enter

image.png






 

840

Enter BIOS by pressing the Del key when prompted during rebooting.

Disable booting from USB

  1. Move the Left/Right arrow key to Boot
  2. Move the Up/Down arrow key to Boot Mode Select
  3. Press ENTER

image.png

  1. Move the Left/Right arrow key to LEGACY
  2. Press ENTER
  3. Move the Left/Right arrow key to Legacy Boot Order #1
  4. Press ENTER
  5. Move the Up/Down arrow key to Hard Disk: …

image.png

  1. Press ENTER
  2. Move the Left/Right arrow key to Legacy Boot Order #2
  3. Press ENTER
  4. Move the Up/Down arrow key to Disabled

image.png

  1. Press ENTER
  2. Repeat the above steps for all Legacy Boot Orders other than #1  to disable booting

Configure Admin Password  

  1. Move the Left/Right arrow key to Security
  2. Move the Up/Down arrow key to Administrator Password
  3. Press Enter

image.png

  1. Type in a password followed by an ENTER
  2. Confirm the password followed by an ENTER
  3. Press ESC to go back to the main menu
 

Save and reset

  1. Move the Left/Right arrow key to Save & Exit
  2. Move the Up/Down arrow key to Save Changes and Reset
  3. Move the Left/Right arrow key to highlight Yes
  4. Press Enter

image.png




 

2000

Enter BIOS by pressing the Del key when prompted during rebooting.

Disable booting from USB

  1. Move the Left/Right arrow key to Boot
  2. Move the Up/Down arrow key to Boot Mode Select.  Skip steps 2 to 5 if it’s already set to LEGACY (Default)
  3. Press ENTER
  4. Move the Left/Right arrow key to LEGACY
  5. Press ENTER
  6. Move the Left/Right arrow key to Legacy Boot Order #1
  7. Press ENTER
  8. Move the Up/Down arrow key to Hard Disk: …

image.png

  1. Press ENTER
  2. Move the Left/Right arrow key to Legacy Boot Order #2
  3. Press ENTER
  4. Move the Up/Down arrow key to Disabled

image.png

  1. Press ENTER
  2. Repeat the above steps for all Legacy Boot Orders other than #1  to disable booting

Configure Admin Password  

  1. Move the Left/Right arrow key to Security
  2. Move the Up/Down arrow key to Administrator Password
  3. Press Enter

image.png

  1. Type in a password followed by an ENTER
  2. Confirm the password followed by an ENTER
  3. Press ESC to go back to the main menu
 

Save and reset

  1. Move the Left/Right arrow key to Save & Exit
  2. Move the Up/Down arrow key to Save Changes and Reset
  3. Move the Left/Right arrow key to highlight Yes
  4. Press Enter

image.png




 

3400/3800/3810

Enter BIOS by pressing the Del or F2 key when prompted during rebooting.

Disable USB as a storage device

  1. Move the Left/Right arrow key to Advanced
  2. Move the Up/Down arrow key to USB Configuration

image.png

  1. Press Enter
  2. Move the Up/Down arrow key to highlight Disabled

image.png

  1. Press Enter
  2. Press ESC to return the main menu
 

Configure Admin Password  

  1. Move the Left/Right arrow key to Security
  2. Move the Up/Down arrow key to Administrator Password
  3. Press Enter

image.png

  1. Type in a password followed by an ENTER
  2. Confirm the password followed by an ENTER
  3. Press ESC to go back to the main menu
Save and reset
  1. Move the Left/Right arrow key to Save & Exit
  2. Move the Up/Down arrow key to Save Changes and Reset
  3. Move the Left/Right arrow key to highlight Yes
  4. Press Enter

image.png



 

Restore booting via USB

One may enable boot from a USB drive in some scenarios, e.g. updating the factory image via a USB drive.

510/520/540

It’s always enabled.  Nothing needs to be done.

610

One may reboot his/her edges with the default BIOS settings.  

  1. Boot into BIOS by pressing the Del or F2 key upon rebooting
  2. Type in the Administrator Password
  3. Move the Left/Right arrow key to Save & Exit
  4. Move the Up/Down arrow key to Restore Defaults
  5. Press Enter
  6. Move the Left/Right arrow key to highlight Yes
  7. Press Enter

image.png

  1. Move the Up/Down arrow key to Save Changes and Reset
  2. Press ENTER, and follow the prompts to reset

620/648/680

One may reboot his/her edges with the default BIOS settings.  

  1. Boot into BIOS by pressing the Del or F2 key upon rebooting
  2. Type in the Administrator Password
  3. Move the Left/Right arrow key to Save & Exit
  4. Move the Up/Down arrow key to Restore Defaults
  5. Press Enter
  6. Move the Left/Right arrow key to highlight Yes
  7. Press Enter

image.png

  1. Move the Up/Down arrow key to Save Changes and Reset
  2. Press ENTER, and follow the prompts to reset

840

One may reboot his/her edges with the default BIOS settings.  

  1. Boot into BIOS by pressing the Del key upon rebooting
  2. Type in the Administrator Password
  3. Move the Left/Right arrow key to Save & Exit
  4. Move the Up/Down arrow key to Restore Optimized Defaults
  5. Press Enter
  6. Move the Left/Right arrow key to highlight Yes
  7. Press Enter

image.png

  1. Move the Up/Down arrow key to Save Changes and Reset
  2. Press ENTER, and follow the prompts to reset

2000

One may reboot his/her edges with the default BIOS settings.  

  1. Boot into BIOS by pressing the Del key upon rebooting
  2. Type in the Administrator Password
  3. Move the Left/Right arrow key to Save & Exit
  4. Move the Up/Down arrow key to Restore Optimized Defaults
  5. Press Enter
  6. Move the Left/Right arrow key to highlight Yes
  7. Press Enter

image.png

  1. Move the Up/Down arrow key to Save Changes and Reset
  2. Press ENTER, and follow the prompts to reset

3400/3800/3810

One may reboot his/her edges with the default BIOS settings.  

  1. Boot into BIOS by pressing the Del or F2 key upon rebooting
  2. Type in the Administrator Password
  3. Move the Left/Right arrow key to Save & Exit
  4. Move the Up/Down arrow key to Restore Defaults
  5. Press Enter
  6. Move the Left/Right arrow key to highlight Yes
  7. Press Enter

image.png

  1. Move the Up/Down arrow key to Save Changes and Reset
  2. Press ENTER, and follow the prompts to reset
 
Powered by Wolken Software