Skip to main content

Five vulnerabilities could lead to remote code execution and arbitrary command execution in multiple series of Aruba Access Points

Threat ID:CC-4571
Threat Severity:Medium
Published:7 November 2024 1:26 PM

Summary

Five vulnerabilities could lead to remote code execution and arbitrary command execution in multiple series of Aruba Access Points

Affected platforms

The following platforms are known to be affected:

Aruba Access PointsHPE Aruba Networking - Access Points running the following software versions:
  • AOS-10.4.x.x: 10.4.1.4 and earlier
  • Instant AOS-8.12.x.x: 8.12.0.2 and earlier
  • Instant AOS-8.10.x.x: 8.10.0.13 and earlier

Threat details

End of maintenance ArubaOS software versions are also affected

Software versions that are End of Support Life (EoSL) are also affected by these vulnerabilities and are not addressed by this advisory. HPE Aruba Networking strongly recommends all customers running End of Support Life (EoSL) software to upgrade to a supported version as soon as possible.


Introduction

Hewlett Packard Enterprise (HPE) Aruba Networking has issued an advisory that addresses 5 vulnerabilities that affect Aruba Access Points (APs) product lines that use Instant AOS (ArubaOS) 8 and 10. AOS is a distributed network operating system working with Aruba Central that controls APs and optional gateways.

Two critical command injection vulnerabilities and three high severity vulnerabilities could be exploited by an attacker to achieve remote code execution (RCE). Successful exploitation could lead to the ability to execute arbitrary code as a privileged user on the underlying operating system.


Access Points are popular targets for attackers

Some access points and gateways are internet-facing by design and present an attractive target to facilitate initial access to an organisation's network, with exploitation by attackers often reported soon after official disclosure. The NHS England National CSOC assesses exploitation as highly likely, should a proof-of-concept (PoC) exploit be publicly released.

Remediation advice

Affected organisations are encouraged to review the HPE Security Advisory HPESBNW04722 rev.1 - HPE Aruba Networking Access Points Multiple Vulnerabilities and apply any relevant updates or workarounds.

Definitive source of threat updates

CVE Vulnerabilities

StatusPublished
CVE-2024-42509Command injection vulnerability in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
StatusPublished
CVE-2024-47460Command injection vulnerability in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
StatusPublished
CVE-2024-47461An authenticated command injection vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. A successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to fully compromise the underlying host operating system.
StatusPublished
CVE-2024-47462An arbitrary file creation vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. Successful exploitation of this vulnerability could allow an authenticated remote attacker to create arbitrary files, which could lead to a remote command execution (RCE) on the underlying operating system.
StatusPublished
CVE-2024-47463An arbitrary file creation vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. Successful exploitation of this vulnerability could allow an authenticated remote attacker to create arbitrary files, which could lead to a remote command execution (RCE) on the underlying operating system.

Last edited: 7 November 2024 1:26 pm

Back to top