ArubaOS Critical Vulnerability Allows Remote Code Execution by Attackers

Home/hackers, malicious cyber actors, Malware, Remote code execution, Security Advisory, Security Update, vulnerability/ArubaOS Critical Vulnerability Allows Remote Code Execution by Attackers

ArubaOS Critical Vulnerability Allows Remote Code Execution by Attackers

Multiple vulnerabilities in ArubaOS affect HPE Aruba Networking devices, including Mobility Conductor, Mobility Controllers WLAN Gateways, and SD-WAN Gateways managed by Aruba Central. These vulnerabilities involve Unauthenticated Buffer Overflow (CVE-2024-26305, CVE-2024-26304, CVE-2024-33511, CVE-2024-33512, and CVE-2024-33518) and Unauthenticated Denial-of-Service (CVE-2024-33513, CVE-2024-33514, CVE-2024-33515, CVE-2024-33516, CVE-2024-33517, and CVE-2024-33518).

These vulnerabilities, ranging from 5.3 (Medium) to 9.8 (Critical) in severity, are all linked to the PAPI (Protocol Application Programming Interface) protocol.

ArubaOS Critical Vulnerability

Unauthenticated Buffer Overflow Vulnerability

This vulnerability, present in multiple areas, could enable threat actors to execute unauthenticated remote code on vulnerable systems.

Exploiting this vulnerability could result in the execution of arbitrary code with elevated privileges. The vulnerability exists in various components with different severities:

  • Utility Daemon (CVE-2024-26305 – 9.8 (Critical))
  • L2/L3 Management Service (CVE-2024-26304 – 9.8 (Critical))
  • Automatic Reporting Service (CVE-2024-33511 – 9.8 (Critical))
  • Local User Authentication Database (CVE-2024-33512 – 9.8 (Critical))

Unauthenticated Denial-Of-Service

This vulnerability enables a threat actor to disrupt the normal functioning of the affected product, rendering it inoperable. The vulnerability occurs in multiple components with the following severities:

  • AP Management Service (CVE-2024-33513, CVE-2024-33514, CVE-2024-33515 – 5.9 (Medium))
  • Auth Service (CVE-2024-33516 – 5.3 (Medium))
  • Radio Frequency Manager Service (CVE-2024-33517 – 5.3 (Medium))
  • Radio Frequency Daemon (CVE-2024-3518 – 5.3 (Medium))

Affected Products and Fixed Versions

Affected Software VersionsVersions from and up to
ArubaOS 10.5.x.x and below
ArubaOS 10.4.x.x and below
ArubaOS 8.11.x.x and below
ArubaOS 8.10.x.x and below
ArubaOS 8.8.x.x:all
ArubaOS 8.7.x.x:all
ArubaOS 8.6.x.x:all
ArubaOS 6.5.4.x:all
Fixed in versionsVersions to
ArubaOS 10.6.x.x10.6.0.0 and above
ArubaOS 10.5.x.x10.5.1.1 and above
ArubaOS 10.4.x.x10.4.1.1 and above
ArubaOS 8.11.x.x8.11.2.2 and above
ArubaOS 8.10.x.x8.10.0.11 and above

‍Follow Us on: Twitter, InstagramFacebook to get the latest security news!

About the Author:

FirstHackersNews- Identifies Security

Leave A Comment

Subscribe to our newsletter to receive security tips everday!