Ethical Hacking News
Hewlett Packard Enterprise (HPE) has released critical security patches to address multiple vulnerabilities impacting Aruba Networking Access Point products, including two critical bugs that could result in unauthenticated command execution. The patches aim to prevent remote code execution by mitigating these high-severity vulnerabilities.
The latest HPE security update reveals critical vulnerabilities in Aruba Networking Access Point products, which could lead to remote code execution.CVE-2024-42509 and CVE-2024-47460 are rated as high severity by the CVE framework, affecting devices running Instant AOS-8 and AOS-10 software versions.Exploitation of CVE-2024-42509 allows for arbitrary code execution through unauthenticated command injection via UDP port 8211.Timely patching is crucial to prevent exploitation of these vulnerabilities, with recommended mitigations including enabling cluster security and restricting access to management interfaces.
The latest security update from Hewlett Packard Enterprise (HPE) has highlighted a critical vulnerability in Aruba Networking Access Point products, which could potentially lead to remote code execution. The vulnerability, identified as CVE-2024-42509 and CVE-2024-47460, is rated as high severity by the Common Vulnerabilities and Exposures (CVE) framework.
According to HPE's advisory, the vulnerabilities affect Aruba Access Points running Instant AOS-8 and AOS-10 software versions. The most severe vulnerability, CVE-2024-42509, has a CVSS score of 9.8 and allows for unauthenticated command injection, which could lead to arbitrary code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port.
The exploitation of this vulnerability would result in an attacker being able to execute arbitrary code as a privileged user on the underlying operating system. In order to mitigate CVE-2024-42509 and CVE-2024-47460, HPE recommends enabling cluster security via the cluster-security command on devices running Instant AOS-8 code. For AOS-10 devices, blocking access to UDP port 8211 from all untrusted networks is also advised.
Furthermore, four other vulnerabilities have been patched by HPE:
* CVE-2024-47461 (CVSS score: 7.2) - An authenticated arbitrary remote command execution (RCE) in Instant AOS-8 and AOS-10.
* CVE-2024-47462 and CVE-2024-47463 (CVSS scores: 7.2) - An arbitrary file creation vulnerability in Instant AOS-8 and AOS-10 that leads to authenticated remote command execution.
* CVE-2024-47464 (CVSS score: 6.8) - An authenticated path traversal vulnerability leading to remote unauthorized access to files.
To prevent exploitation of these vulnerabilities, users are urged to restrict access to CLI and web-based management interfaces by placing them within a dedicated VLAN and controlling them via firewall policies at layer 3 and above.
This patch highlights the importance of keeping software up-to-date and following best practices for network security. Arctic Wolf noted that Aruba Network access points have not previously been reported as exploited in the wild, but they are an attractive target for threat actors due to the potential access these vulnerabilities could provide through privileged user RCE.
As with any security update, timely patching is crucial to prevent exploitation of these vulnerabilities and protect against remote code execution. It's essential for organizations to take swift action to address this vulnerability and ensure their network security posture remains robust and secure.
Related Information:
https://thehackernews.com/2024/11/hpe-issues-critical-security-patches.html
https://www.securityweek.com/hpe-patches-critical-vulnerabilities-in-aruba-access-points/
https://nvd.nist.gov/vuln/detail/CVE-2024-42509
https://www.cvedetails.com/cve/CVE-2024-42509/
https://nvd.nist.gov/vuln/detail/CVE-2024-47460
https://www.cvedetails.com/cve/CVE-2024-47460/
https://nvd.nist.gov/vuln/detail/CVE-2024-47461
https://www.cvedetails.com/cve/CVE-2024-47461/
https://nvd.nist.gov/vuln/detail/CVE-2024-47462
https://www.cvedetails.com/cve/CVE-2024-47462/
https://nvd.nist.gov/vuln/detail/CVE-2024-47463
https://www.cvedetails.com/cve/CVE-2024-47463/
https://nvd.nist.gov/vuln/detail/CVE-2024-47464
https://www.cvedetails.com/cve/CVE-2024-47464/
Published: Mon Nov 11 05:54:10 2024 by llama3.2 3B Q4_K_M
