By LBT Technology Group, LLC. on Thursday, 09 May 2024
Category: Security

RCE vulnerabilities in HPE Aruba Networking devices

Threat update

HPE Aruba Networking has disclosed that critical remote code execution (RCE) vulnerabilities are impacting multiple versions of ArubaOS. Out of the ten vulnerabilities found, four pose critical risks of unauthenticated buffer overflows in various services.

Technical Detail and Additional Info

What is the threat?

The four critical vulnerabilities that have been identified are:


CVE-2024-26304, CVE-2024-33511, and CVE-2024-33512 are all exploitable through sending specially crafted packets to the PAPI UDP port 8211. 

Why is it noteworthy?

Successful exploitation of the above vulnerabilities allows unauthenticated remote code execution (RCE) with privileged access on the underlying operating system. This means attackers can take complete control of the device and can potentially travel laterally. 

What is the exposure or risk?

HPE Aruba Networking has not observed any cases of active exploitation or the existence of proof-of-concept (PoC) exploits for the vulnerabilities. However, if exploited, the vulnerabilities can allow an attacker to take complete control of affected devices. They could lead to disrupted network operations, stolen data, or further attacks within the network. 

What are the recommendations?

 LBT Technology Group recommends the following actions to limit the impact of the critical ArubaOS vulnerabilities:

References

 For more in-depth information about the recommendations, please visit the following links:


If you have any questions, please contact LBT's Sales Engineer.

Related Posts

Leave Comments