#1 Middle East & Africa Trusted Cybersecurity News & Magazine |

23 C
Dubai
Tuesday, January 21, 2025
HomeTopics 4PatchUrgent Update: HPE Issues Critical Security Patches for Multiple Aruba Access Point...

Urgent Update: HPE Issues Critical Security Patches for Multiple Aruba Access Point Vulnerabilities

Date:

Related stories

spot_imgspot_imgspot_imgspot_img

In a recent security advisory, Hewlett Packard Enterprise (HPE) has issued critical patches for several vulnerabilities affecting Aruba Networking Access Points running Instant AOS-8 and AOS-10. The vulnerabilities, rated as high and critical severity, could allow attackers to gain unauthorized access, execute arbitrary commands with root privileges, and even take full control of compromised devices. These vulnerabilities impact a range of Aruba Access Point models, and HPE urges immediate action to mitigate potential security risks.

This article examines the vulnerabilities, the potential security impacts, and provides essential best practices for securing these critical network devices.

Overview of the Aruba Access Point Vulnerabilities

HPE Aruba Networking has identified multiple vulnerabilities across Aruba Access Points using AOS-8 and AOS-10, with the following assigned CVE identifiers:

  1. CVE-2024-42509: An unauthenticated command injection vulnerability in the CLI service accessed via the PAPI protocol. This flaw could allow attackers to execute arbitrary commands with root privileges, posing a high risk for system compromise.
  2. CVE-2024-47460: Another command injection vulnerability targeting the CLI, accessible through crafted packets sent to UDP port 8211, which can also lead to remote code execution.
  3. CVE-2024-47461: Authenticated remote command execution vulnerability in the CLI that allows attackers with valid credentials to execute arbitrary commands.
  4. CVE-2024-47462 and CVE-2024-47463: Authenticated arbitrary file creation vulnerabilities in the CLI that could lead to remote code execution.
  5. CVE-2024-47464: An authenticated path traversal vulnerability that could allow attackers unauthorized access to sensitive files.

Impacted Products and Versions

The vulnerabilities affect Aruba Access Points running the following versions:

  • AOS-10.4.x.x (10.4.1.4 and below)
  • Instant AOS-8.12.x.x (8.12.0.2 and below)
  • Instant AOS-8.10.x.x (8.10.0.13 and below)

Devices not affected by these vulnerabilities include HPE Aruba Networking Mobility Conductor, Mobility Controllers, SD-WAN Gateways, and the InstantOn Access Points series.

No Available Workarounds for Certain Devices

For affected devices running AOS-10, HPE has confirmed that no workarounds exist, making immediate patching the only viable mitigation. For AOS-8 devices, HPE recommends enabling cluster security via the cluster-security command, though patching remains the preferred solution. It is essential to limit access to the vulnerable UDP port (8211) to trusted networks only, especially if using AOS-10, where no command-based workaround is available.

10 Essential Tips to Prevent Network Vulnerabilities

  1. Apply Security Patches Promptly: Regularly check for and apply firmware updates for Aruba devices. Ensure that the latest patch versions are installed to mitigate these critical vulnerabilities.
  2. Limit Access to Management Interfaces: Restrict CLI and web-based management interfaces to secure VLANs and specific IP ranges to prevent unauthorized access.
  3. Monitor UDP Port 8211 Traffic: Since the PAPI protocol uses this port, configure firewalls to restrict access from untrusted networks.
  4. Enable Cluster Security: For AOS-8 devices, enable cluster security to prevent unauthorized command injection attacks.
  5. Implement Network Segmentation: Place critical infrastructure devices in segmented networks that only trusted devices and users can access.
  6. Regular Vulnerability Assessments: Conduct regular vulnerability scans on access points to detect any residual risks and misconfigurations that may allow unauthorized access.
  7. Deploy Endpoint Security Solutions: Use endpoint security tools to monitor and respond to suspicious activities on access points and network-connected devices.
  8. Enable Strong Authentication: Apply multi-factor authentication (MFA) for accessing management interfaces to protect against unauthorized access.
  9. Restrict File Upload Permissions: Configure permissions carefully to limit file uploads and prevent unauthorized file creation on devices.
  10. Educate and Train Staff: Ensure IT staff are aware of the latest vulnerabilities and follow best practices for device management and configuration.

Conclusion

The recent security patches issued by HPE for Aruba Networking Access Points underscore the ongoing importance of proactive cybersecurity practices in network management. For organizations using Aruba access points in critical environments, the identified vulnerabilities highlight the risks of delayed patching. Applying these patches immediately and following best practices will significantly reduce the threat of unauthorized access and ensure a secure networking environment.

For additional information and access to software updates, visit HPE’s official security advisory here.

Want to stay on top of cybersecurity news? Follow us on Facebook, X (Twitter), Instagram, and LinkedIn for the latest threats, insights, and updates!

Ouaissou DEMBELE
Ouaissou DEMBELEhttp://cybercory.com
Ouaissou DEMBELE is an accomplished cybersecurity professional and the Editor-In-Chief of cybercory.com. He has over 10 years of experience in the field, with a particular focus on Ethical Hacking, Data Security & GRC. Currently, Ouaissou serves as the Co-founder & Chief Information Security Officer (CISO) at Saintynet, a leading provider of IT solutions and services. In this role, he is responsible for managing the company's cybersecurity strategy, ensuring compliance with relevant regulations, and identifying and mitigating potential threats, as well as helping the company customers for better & long term cybersecurity strategy. Prior to his work at Saintynet, Ouaissou held various positions in the IT industry, including as a consultant. He has also served as a speaker and trainer at industry conferences and events, sharing his expertise and insights with fellow professionals. Ouaissou holds a number of certifications in cybersecurity, including the Cisco Certified Network Professional - Security (CCNP Security) and the Certified Ethical Hacker (CEH), ITIL. With his wealth of experience and knowledge, Ouaissou is a valuable member of the cybercory team and a trusted advisor to clients seeking to enhance their cybersecurity posture.

Subscribe

- Never miss a story with notifications

- Gain full access to our premium content

- Browse free from up to 5 devices at once

Latest stories

spot_imgspot_imgspot_imgspot_img

LEAVE A REPLY

Please enter your comment!
Please enter your name here