Security Upgrades Available for 3 HPE Aruba Networking Bugs

September 26, 2024 at 04:26PM

HPE Aruba Networking addressed three critical vulnerabilities (CVE-2024-42505, CVE-2024-42506, and CVE-2024-42507) that could allow remote code execution by unauthenticated attackers on Aruba access points. The bugs impact devices running AOS-8 and AOS-10, prompting the recommendation for administrators to install updates to prevent potential attacks. Other Aruba products are not affected.

The vulnerabilities, tracked as CVE-2024-42505, CVE-2024-42506, and CVE-2024-42507, are in the command line interface (CLI) service of Aruba access points (APs). They can be exploited by sending packets to the UDP port of Aruba’s AP management protocol to gain privileged access and execute arbitrary code.

The impacted software includes AOS-10.6.x.x: 10.6.0.2 and below, AOS-10.4.x.x: 10.4.1.3 and below, Instant AOS-8.12.x.x: 8.12.0.1 and below, and Instant AOS-8.10.x.x: 8.10.0.13 and below. It’s recommended that administrators install the latest updates provided by HPE to prevent attacks from malicious actors.
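To triage an AP inventory against the version ranges listed above, the following added example (not HPE code) compares firmware strings numerically, part by part. The hostnames and inventory are constructed, and the handling of a trailing build suffix such as `_12345` is an assumption about how versions may be reported.

```python
import re

# Highest affected release per branch, exactly as listed in the article.
AFFECTED_MAX = {
    (10, 6): (10, 6, 0, 2),
    (10, 4): (10, 4, 1, 3),
    (8, 12): (8, 12, 0, 1),
    (8, 10): (8, 10, 0, 13),
}

# Four dotted integers at the start; anything after (build suffix) is ignored.
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return the four-part version as a tuple of ints, or None if unparseable."""
    m = _VERSION_RE.match(text)
    return tuple(int(p) for p in m.groups()) if m else None


def classify(version_text):
    """Classify one firmware string against the listed affected ranges."""
    v = parse_version(version_text)
    if v is None:
        return "unparseable"
    ceiling = AFFECTED_MAX.get(v[:2])
    if ceiling is None:
        # The article lists no range for this branch; check the vendor advisory.
        return "branch-not-listed"
    # Tuple comparison is numeric, so 8.10.0.9 sorts below 8.10.0.13.
    return "affected" if v <= ceiling else "above-listed-range"


def triage(inventory):
    """Map each (hostname, version) pair to its classification."""
    return {name: classify(ver) for name, ver in inventory}


# Constructed sample inventory (hostnames and versions are illustrative).
SAMPLE_INVENTORY = [
    ("ap-lobby-01", "10.6.0.2"),
    ("ap-lab-02", "10.6.0.3"),
    ("ap-floor3-07", "8.10.0.13_12345"),
    ("ap-floor3-08", "8.10.0.9"),
    ("ap-old", "8.6.0.20"),
    ("ap-unknown", "n/a"),
]

if __name__ == "__main__":
    for name, status in triage(SAMPLE_INVENTORY).items():
        print(f"{name:14} {status}")
```

A plain string comparison would misorder `8.10.0.9` and `8.10.0.13`, which is why the versions are parsed into integer tuples first.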

Other Aruba products, such as Networking Mobility Conductors, Mobility Controllers, and SD-WAN Gateways, are not impacted by these vulnerabilities. According to the HPE Security Response Team, there are currently no reports of the flaws being exploited in the wild, and no public exploit code is available.
