HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities

November 11, 2024 at 05:39AM Hewlett Packard Enterprise (HPE) released security updates for Aruba Networking Access Point products, addressing critical command injection vulnerabilities (CVE-2024-42509, CVE-2024-47460) that allow unauthenticated remote code execution. Users are advised to enable cluster security or block access to UDP port 8211 and implement management access controls to mitigate risks. **Meeting Takeaways: … Read more

HPE Patches Critical Vulnerabilities in Aruba Access Points

November 8, 2024 at 06:49AM HPE has issued a warning about two critical vulnerabilities in Aruba Networking access points, which could allow for unauthenticated command injection. The company has since released patches to address these security issues. **Meeting Takeaways:** 1. **Company Alert**: HPE has issued a warning regarding two critical vulnerabilities identified in Aruba Networking … Read more

HPE warns of critical RCE flaws in Aruba Networking access points

November 7, 2024 at 10:51AM Hewlett Packard Enterprise (HPE) addressed critical vulnerabilities in Aruba Networking Access Points with updates for AOS-8 and AOS-10 software. Two severe flaws (CVE-2024-42509, CVE-2024-47460) allow remote command injection. Users are advised to update to specific versions and implement workarounds to enhance security. No active exploitation reported. ### Meeting Takeaways: 1. … Read more

HPE Aruba Networking fixes critical flaws impacting Access Points

September 26, 2024 at 08:12AM HPE Aruba Networking fixed three critical vulnerabilities in its Aruba Access Points’ Command Line Interface (CLI) service. CVE-2024-42505, CVE-2024-42506, and CVE-2024-42507 with a severity score of 9.8/10 can enable attackers to execute arbitrary code remotely via specially crafted packets. Administrators are advised to upgrade to the latest software to mitigate … Read more