Critical RCE Flaws Discovered in HPE Aruba Devices

by | May 3, 2024 | News


Critical Flaws Discovered in HPE Aruba Networking’s April Security Advisory

HPE Aruba Networking has released its April 2024 security advisory, outlining critical remote code execution (RCE) vulnerabilities affecting various versions of ArubaOS, its proprietary network operating system.

The advisory identifies ten vulnerabilities, four of which are rated critical: unauthenticated buffer overflows that can lead to remote code execution (RCE).

Impacted products include:

  • HPE Aruba Networking Mobility Conductor
  • Mobility Controllers
  • WLAN Gateways
  • SD-WAN Gateways managed by Aruba Central
  • Several end-of-life (EoL) versions of ArubaOS and SD-WAN software


Among the critical flaws highlighted are:

  • CVE-2024-26305: A vulnerability in the ArubaOS Utility daemon that permits remote code execution via specially crafted packets.
  • CVE-2024-26304: A flaw in the L2/L3 Management service that allows unauthenticated remote code execution.
  • CVE-2024-33511: A vulnerability in the Automatic Reporting service, reachable via the PAPI protocol port, that allows remote code execution.
  • CVE-2024-33512: A buffer overflow in the Local User Authentication Database service, reachable via the PAPI protocol port.

To mitigate these vulnerabilities, HPE Aruba Networking advises enabling Enhanced PAPI Security and promptly upgrading to patched versions of ArubaOS. The latest releases also address six additional vulnerabilities rated as “medium” severity.

Administrators are urged to upgrade to the following versions to address all identified flaws:

  • ArubaOS 10.6.0.0 and above
  • ArubaOS 10.5.1.1 and above
  • ArubaOS 10.4.1.1 and above
  • ArubaOS 8.11.2.2 and above
  • ArubaOS 8.10.0.11 and above

While there are no reports of active exploitation or proof-of-concept (PoC) exploits, system administrators are strongly advised to apply the available security updates without delay to mitigate potential risks.
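The fixed-version list above is per release train, so a fleet check has to match each device to its own train and compare version components numerically (a string comparison would rank 8.10.0.9 above 8.10.0.11). The following is an added example, not code from the advisory or from HPE Aruba Networking: it encodes the minimum fixed releases listed on this page, parses four-part ArubaOS version strings, and triages a constructed inventory. Devices on a train with no fixed release in the advisory (for instance an EoL branch) are reported as "unsupported-train" rather than silently treated as patched; the inventory hostnames and versions are made up for illustration.

```python
"""Triage ArubaOS versions against the April 2024 advisory's fixed releases.

Example code, not part of the original article. The FIXED_VERSIONS table is
taken from the version list in the article; the inventory below is constructed.
"""
from typing import Dict, Tuple

# Minimum fixed release per supported release train (major, minor), as listed
# in the advisory: 10.6.0.0, 10.5.1.1, 10.4.1.1, 8.11.2.2 and 8.10.0.11.
FIXED_VERSIONS: Dict[Tuple[int, int], Tuple[int, int, int, int]] = {
    (10, 6): (10, 6, 0, 0),
    (10, 5): (10, 5, 1, 1),
    (10, 4): (10, 4, 1, 1),
    (8, 11): (8, 11, 2, 2),
    (8, 10): (8, 10, 0, 11),
}


def parse_version(text: str) -> Tuple[int, int, int, int]:
    """Parse 'major.minor.patch.build' into a tuple of ints.

    Rejects anything that is not exactly four numeric components, so a
    mangled inventory field raises instead of being mis-triaged.
    """
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised ArubaOS version: {text!r}")
    major, minor, patch, build = (int(p) for p in parts)
    return (major, minor, patch, build)


def assess(version_text: str) -> str:
    """Classify one version as 'patched', 'vulnerable' or 'unsupported-train'.

    Comparison is on int tuples, so 10.5.10.1 correctly sorts above 10.5.1.1.
    A train absent from FIXED_VERSIONS (e.g. an EoL branch) is flagged rather
    than assumed safe, because the advisory says EoL versions are affected too.
    """
    version = parse_version(version_text)
    fixed = FIXED_VERSIONS.get(version[:2])
    if fixed is None:
        return "unsupported-train"
    return "patched" if version >= fixed else "vulnerable"


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map hostname -> status for a {hostname: version} inventory."""
    return {host: assess(version) for host, version in inventory.items()}


# Constructed sample inventory (hostnames and versions are illustrative only).
SAMPLE_INVENTORY = {
    "mc-hq-01": "8.10.0.9",     # below 8.10.0.11 -> vulnerable
    "mc-hq-02": "8.10.0.11",    # exactly the fixed release -> patched
    "gw-branch-03": "10.5.0.7", # below 10.5.1.1 -> vulnerable
    "gw-branch-04": "10.5.10.2",# numerically above 10.5.1.1 -> patched
    "mc-lab-05": "8.9.0.3",     # train not in the fixed list -> unsupported-train
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:14} {SAMPLE_INVENTORY[host]:11} {status}")
```

Run it against an export of your controller inventory to get a per-device list of what still needs the upgrade; anything reported as "unsupported-train" is a device the advisory offers no fixed release for and should be handled as an EoL migration rather than a patch.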


Source: bleepingcomputer.com
