Hewlett Packard Enterprise (HPE) has released security updates to address several vulnerabilities affecting Aruba Networking Access Point products, including two critical bugs that could result in an unauthenticated command being executed.
Flaws affect Instant AOS-8 and AOS-10 access points –
AOS-10.4.xx: 10.4.1.4 and below Fawari AOS-8.12.xx: 8.12.0.2 and below Fawari AOS-8.10.xx: 8.10.0.13 and below
The six most serious newly patched vulnerabilities are CVE-2024-42509 (CVSS score: 9.8) and CVE-2024-47460 (CVSS score: 9.0), two serious unauthenticated command injection flaws in the CLI service that could lead to execution from Arbitrary code.
“A command injection vulnerability in the underlying CLI service can lead to unauthenticated remote code execution by sending specially crafted packets directed to the UDP (8211) PAPI (Aruba Access Point Management Protocol) port,” HPE said in an advisory for both flaws.
“Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.”
It is recommended to enable cluster security via the CVE-security command to mitigate CVE-2024-42509 and CVE-2024-47460 on devices running Instant AOS-8 code. However, for AOS-10 devices, the company recommends blocking access to UDP port 8211 from all untrusted networks.
HPE has also resolved four other vulnerabilities –
CVE-2024-47461 (CVSS Score: 7.2) – Certified Random Remote Command Execution (RCE) in Instant AOS-8 and AOS-10 CVE-2024-47462 and CVE-2024-47463 (CVSS Score: 7.2) – Randomness Vulnerability in Create files in Instant AOS-8 and AOS-10 that execute a remote command After-Authenticated CVE-2024-47464 (CVSS score: 6.8) – Authenticated path traversal vulnerability leads to unauthorized remote access to files
As workarounds, users are urged to restrict access to the command-line interface (CLI) and web-based management interfaces by placing them inside a dedicated VLAN, and controlling them via firewall policies at layer 3 and above.
“Although Aruba Network access points have not previously been reported as being directly exploited, they are an attractive target for threat actors due to the potential access these vulnerabilities can provide through the user,” Arctic Wolf said. Featured RCE”. “In addition, threat actors may attempt to reverse engineer patches to exploit unpatched systems in the near future.”
