
HPE Aruba Networking Access Points Vulnerable To Remote Code Execution

A critical security advisory has been issued by HPE Aruba Networking, warning of multiple vulnerabilities in its Access Points running Instant AOS-8 and AOS-10 software.

These vulnerabilities, identified as CVE-2024-42505, CVE-2024-42506, and CVE-2024-42507, could allow unauthenticated remote code execution, posing a significant threat to network security.

Affected Products And Software Versions

The affected products include various models of Aruba Access Points running specific versions of Instant AOS-8 and AOS-10 software:

  • AOS-10.6.x.x: Versions 10.6.0.2 and below
  • AOS-10.4.x.x: Versions 10.4.1.3 and below
  • Instant AOS-8.12.x.x: Versions 8.12.0.1 and below
  • Instant AOS-8.10.x.x: Versions 8.10.0.13 and below

Additionally, several End of Support Life (EoSL) software versions are affected but will not receive patches due to their EoSL status.

HPE Aruba Networking Mobility Conductors, Mobility Controllers, SD-WAN Gateways, and HPE Networking Instant On products are not affected by these vulnerabilities.

The vulnerabilities are related to unauthenticated command injection in the CLI service accessed by the PAPI protocol. Successful exploitation could lead to arbitrary code execution as a privileged user on the underlying operating system.

The CVSSv3.x overall score for these vulnerabilities is 9.8, indicating a critical severity level.

For devices running Instant AOS-8.x, enabling cluster-security via the cluster-security command can prevent exploitation.

For AOS-10 devices, blocking access to UDP port 8211 from untrusted networks is recommended.

To fully address the vulnerabilities, HPE Aruba Networking recommends upgrading the Access Points to the following versions or later:

  • AOS-10.7.x.x: Version 10.7.0.0 and above
  • AOS-10.6.x.x: Version 10.6.0.3 and above
  • AOS-10.4.x.x: Version 10.4.1.4 and above
  • Instant AOS-8.12.x.x: Version 8.12.0.2 and above
  • Instant AOS-8.10.x.x: Version 8.10.0.14 and above

Updated software versions can be downloaded from the HPE Networking Support Portal.
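To apply the affected and fixed version lists above to a fleet of access points, the following added Python example (not code from the advisory or from HPE Aruba Networking) classifies each firmware version against the fix matrix and flags branches the advisory does not list, which is where the unpatched EoSL releases fall; the hostnames and versions in the sample inventory are constructed.

```python
# First fixed version per branch, taken from the advisory's upgrade list.
# Keyed by (major, minor) of the version string.
FIXED_VERSIONS = {
    (10, 7): (10, 7, 0, 0),
    (10, 6): (10, 6, 0, 3),
    (10, 4): (10, 4, 1, 4),
    (8, 12): (8, 12, 0, 2),
    (8, 10): (8, 10, 0, 14),
}


def parse_version(text: str) -> tuple[int, ...]:
    """Turn '10.6.0.2' into (10, 6, 0, 2); reject anything that is not four numeric fields."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised AOS version string: {text!r}")
    return tuple(int(p) for p in parts)


def classify(version_text: str) -> str:
    """Return 'fixed', 'affected' or 'unlisted' for one firmware version.

    'unlisted' means the branch is absent from the advisory's upgrade list; that
    covers the EoSL branches that will not be patched, so such APs need manual
    review rather than being assumed safe.
    """
    version = parse_version(version_text)
    fixed = FIXED_VERSIONS.get(version[:2])
    if fixed is None:
        return "unlisted"
    return "fixed" if version >= fixed else "affected"


def triage(inventory: dict[str, str]) -> dict[str, list[str]]:
    """Group AP names by status so affected units can be scheduled for upgrade first."""
    groups: dict[str, list[str]] = {"affected": [], "fixed": [], "unlisted": []}
    for ap_name, version_text in inventory.items():
        groups[classify(version_text)].append(ap_name)
    return groups


# Constructed sample inventory: hostnames and versions are made up for this example.
SAMPLE_INVENTORY = {
    "ap-lobby-01": "10.6.0.2",
    "ap-lobby-02": "10.6.0.3",
    "ap-floor3-01": "10.4.1.3",
    "ap-floor3-02": "8.10.0.14",
    "ap-warehouse": "8.6.0.0",  # branch absent from the upgrade list: likely EoSL
}

if __name__ == "__main__":
    for status, aps in triage(SAMPLE_INVENTORY).items():
        print(f"{status:9s}: {', '.join(aps) or '-'}")
```

Feed it the version strings from your AP inventory export; anything reported as "unlisted" should be checked against the advisory's EoSL table by hand.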

Erik De Jong discovered and reported these vulnerabilities via HPE Aruba Networking’s bug bounty program.

As of the advisory’s release date, there is no known public discussion or exploit code targeting these specific vulnerabilities.

Users are strongly advised to upgrade their affected systems to the recommended versions to mitigate these critical vulnerabilities.


Varshini Senapathi

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.
