Security Upgrades Available for 3 HPE Aruba Networking Bugs

September 26, 2024 at 04:26PM HPE Aruba Networking addressed three critical vulnerabilities (CVE-2024-42505, CVE-2024-42506, and CVE-2024-42507) that could allow remote code execution by unauthenticated attackers on Aruba access points. The bugs impact devices running AOS-8 and AOS-10, prompting the recommendation for administrators to install updates to prevent potential attacks. Other Aruba products are not affected. … Read more

Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks

May 3, 2024 at 01:21AM HPE Aruba Networking has released critical security updates for ArubaOS to address 10 security flaws, including four rated as severe threats. These vulnerabilities allow remote code execution and affect various software versions, impacting devices managed by Aruba Central. Security researcher Chancen discovered seven of the issues. Users are urged to … Read more

HPE Aruba Networking fixes four critical RCE flaws in ArubaOS

May 1, 2024 at 06:31PM HPE Aruba Networking’s April 2024 security advisory highlights critical remote code execution (RCE) vulnerabilities in various versions of ArubaOS. Ten vulnerabilities are listed, including four critical-severity unauthenticated buffer overflow issues. The vendor recommends enabling Enhanced PAPI Security and upgrading to specific patched versions for ArubaOS to mitigate the flaws. System … Read more