HPE reveals critical security bug affecting networking access points
Half a dozen vulnerabilities recently found and patched
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Two critical security bugs were found plaguingHewlett PackardEnterprise (HPE) endpoints, the company has confirmed, as it released a patch and follow-up security advisory.
As per the bulletin, multiple Aruba Networking Access Points (AP), powered by thee Instant AOS-8 and AOS-10operating systems, were vulnerable to a total of six flaws, which allowed crooks to mount authenticatedremote command executionattacks, create arbitrary files, perform unauthenticated command injection, and more.
Of the six, two were particularly dangerous: CVE-2024-42509, and CVE-2024-47460. These were assigned severity scores 9.8 and 9.0, and could have been abused by sending specially crafted packets to Aruba’s Access Point management protocol (PAPI).
End of life
The remaining four vulnerabilities are tracked as CVE-2024-47461, CVE-2024-47462, CVE-2024-47463, and CVE-2024-47464.
All of them plague AOS-10.4.x.x: 10.4.1.4 and older releases, Instant AOS-8.12.x.x: 8.12.0.2 and below, and Instant AOS-8.10.x.x: 8.10.0.13 and older versions.
If your product is older, and isn’t among the ones listed here, then it’s likely reached its end-of-life status and as such will not be patched. In such cases, HPE advises users to replace the instance with a newer model that is still supported.
Those who are still under HPE’s support should update their access points to these versions:
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
AOS-10.7.x.x: Update to version 10.7.0.0 and later.AOS-10.4.x.x: Update to version 10.4.1.5 or later.Instant AOS-8.12.x.x: Update to version 8.12.0.3 or newer.Instant AOS-8.10.x.x: Update to version 8.10.0.14 or above
There are also workarounds for those who cannot install the patch immediately, which include blocking access to UDP port 8211 from all untrusted networks, restricting access to the CLI and web-based management interfaces, and controlling access with firewall policies at layer 3 and higher.
At press time, there was no evidence of in-the-wild abuse.
ViaBleepingComputer
You might also like
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
A critical Palo Alto Networks bug is being hit by cyberattacks, so patch now
3 reasons why PIA fell in our best VPN rankings
Cybersecurity is business survival and CISOs need to act now
