HPE Aruba Networking fixes critical flaws impacting Access Points
Share onHPE Aruba Networking has fixed three critical vulnerabilities in the Command Line Interface (CLI) service of its Aruba Access Points, which could let unauthenticated attackers gain remote code execution on vulnerable devices.
The vulnerabilities (CVE-2024-42505, CVE-2024-42506, and CVE-2024-42507) can be exploited by sending specially crafted packets to the PAPI (Aruba’s Access Point management protocol) UDP port (8211) to get privileged access to execute arbitrary code on vulnerable devices.
The Hewlett Packard Enterprise (HPE) subsidiary (formerly known as Aruba Networks) confirmed in a security advisory released earlier this week that the security flaws impact Aruba Access Points running Instant AOS-8 and AOS-10.
The vulnerabilities were reported by security researcher Erik De Jong through the company’s bug bounty program, and impacted software versions include:
- AOS-10.6.x.x: 10.6.0.2 and below
- AOS-10.4.x.x: 10.4.1.3 and below
- Instant AOS-8.12.x.x: 8.12.0.1 and below
- Instant AOS-8.10.x.x: 8.10.0.13 and below
The company urged administrators to install the latest security updates (available from the HPE Networking Support Portal) on vulnerable access points to prevent potential attacks.
Workaround available, no active exploitation
As a temporary workaround for devices running Instant AOS-8.x code, admins can enable "cluster-security" to block exploitation attempts. For AOS-10 devices, the company advises blocking access to port UDP/8211 from all untrusted networks.
HPE Aruba Networking also confirmed that other Aruba products, including Networking Mobility Conductors, Mobility Controllers, and SD-WAN Gateways, are unaffected.
According to the HPE Product Security Response Team, no public exploit code is available, and there have been no reports of attacks targeting the three critical vulnerabilities.
Earlier this year, the company also patched four critical RCE vulnerabilities impacting multiple versions of ArubaOS, its proprietary network operating system.
In February, Hewlett Packard Enterprise (HPE) said it was investigating a potential breach after a threat actor posted credentials and other sensitive information (allegedly stolen from HPE) for sale on a hacking forum.
Two weeks earlier, it reported that its Microsoft Office 365 email environment was breached in May 2023 by hackers believed to be part of the APT29 threat group linked to Russia's Foreign Intelligence Service (SVR).
Sponsored Ads:
Comments:
Microsoft fixes Linux boot issues on dual-boot Windows systems
Category: Microsoft|May 14, 2025 | Author: Admin
Windows 11 upgrade block lifted after Safe Exam Browser fix
Category: Microsoft|May 13, 2025 | Author: Admin
Bluetooth 6.1 enhances privacy with randomized RPA timing
Category: IT|May 12, 2025 | Author: Admin
ChatGPT is finally adding Download as PDF for Deep Research
Category: IT|May 11, 2025 | Author: Admin
Microsoft Teams will soon block screen capture during meetings
Category: Microsoft|May 10, 2025 | Author: Admin
Germany takes down eXch cryptocurrency exchange, seizes servers
Category: IT|May 9, 2025 | Author: Admin
Malicious PyPi package hides RAT malware, targets Discord devs since 2022
Category: IT|May 8, 2025 | Author: Admin
Hackers exploit OttoKit WordPress plugin flaw to add admin accounts
Category: IT|May 7, 2025 | Author: Admin
Apache Parquet exploit tool detect servers vulnerable to critical flaw
Category: IT|May 6, 2025 | Author: Admin
Co-op confirms data theft after DragonForce ransomware claims attack
Category: IT|May 5, 2025 | Author: Admin
Magento supply chain attack compromises hundreds of e-stores
Category: IT|May 4, 2025 | Author: Admin
Microsoft ends Authenticator password autofill, moves users to Edge
Category: Microsoft|May 3, 2025 | Author: Admin
TikTok fined €530 million for sending European user data to China
Category: IT|May 2, 2025 | Author: Admin
1. mai – En dag for solidaritet, samhold og kamp for rettferdighet
Category: Norge|May 1, 2025 | Author: Admin