Security Upgrades Available for 3 HPE Aruba Networking Bugs

  /     /     /  
Publicated : 23/11/2024   Category : security

Security Upgrades Available for 3 HPE Aruba Networking Bugs


The vendor says there are no reports of the flaws being exploited in the wild nor any public exploit codes currently available.


HPE Aruba Networking
fixed three critical vulnerabilities found in its systems that could allow unauthenticated attackers remote code execution on compromised devices.
The vulnerabilities, tracked as CVE-2024-42505, CVE-2024-42506, and CVE-2024-42507, lie in the command line interface (CLI) service of Aruba access points (APs) and can be exploited by sending packets to Arubas AP management protocol UDP port to gain privileged access and execute arbitrary code.
The security bugs
affect Aruba APs running Instant AOS-8 and AOS-10, according to the Hewlett Packard Enterprise subsidiary.
The impacted software includes AOS-10.6.x.x: 10.6.0.2 and below, AOS-10.4.x.x: 10.4.1.3 and below, Instant AOS-8.12.x.x: 8.12.0.1 and below, and Instant AOS-8.10.x.x: 8.10.0.13 and below.
While there are workarounds for devices running Instant AOS-8.x code and AOS-10, its recommended that administrators install the latest updates HPE provided on its networking support portal to prevent attacks from malicious actors.
Other Aruba products such as Networking Mobility Conductors, Mobility Controllers, and SD-WAN Gateways have not been impacted.
There are no reports of the flaws being exploited in the wild and no public exploit codes currently available, according to the HPE Security Response Team.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
Security Upgrades Available for 3 HPE Aruba Networking Bugs