Security Upgrades Available for 3 HPE Aruba Networking Bugs

  /     /     /  
Publicated : 23/11/2024   Category : security


Security Upgrades Available for 3 HPE Aruba Networking Bugs


The vendor says there are no reports of the flaws being exploited in the wild nor any public exploit codes currently available.



HPE Aruba Networking
fixed three critical vulnerabilities found in its systems that could allow unauthenticated attackers remote code execution on compromised devices.
The vulnerabilities, tracked as CVE-2024-42505, CVE-2024-42506, and CVE-2024-42507, lie in the command line interface (CLI) service of Aruba access points (APs) and can be exploited by sending packets to Arubas AP management protocol UDP port to gain privileged access and execute arbitrary code.
The security bugs
affect Aruba APs running Instant AOS-8 and AOS-10, according to the Hewlett Packard Enterprise subsidiary.
The impacted software includes AOS-10.6.x.x: 10.6.0.2 and below, AOS-10.4.x.x: 10.4.1.3 and below, Instant AOS-8.12.x.x: 8.12.0.1 and below, and Instant AOS-8.10.x.x: 8.10.0.13 and below.
While there are workarounds for devices running Instant AOS-8.x code and AOS-10, its recommended that administrators install the latest updates HPE provided on its networking support portal to prevent attacks from malicious actors.
Other Aruba products such as Networking Mobility Conductors, Mobility Controllers, and SD-WAN Gateways have not been impacted.
There are no reports of the flaws being exploited in the wild and no public exploit codes currently available, according to the HPE Security Response Team.

Last News

▸ 27 Million South Koreans Hit by Online Gaming Theft. ◂
Discovered: 23/12/2024
Category: security

▸ Homeland Security Background Checks Breach Raises Concerns. ◂
Discovered: 23/12/2024
Category: security

▸ Fully committed to the future world of technology. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Security Upgrades Available for 3 HPE Aruba Networking Bugs