Critical vulnerabilities found in 'millions of Aruba and Avaya switches' (Security News, May 2022)
Five critical remote code execution vulnerabilities in millions of Aruba and Avaya devices can be exploited by cybercriminals to take full control of network switches commonly used in airports, hospitals, and hotels, according to Armis researchers.
The flaws affect about 10 million devices across HPE's Aruba and Extreme Networks' Avaya switching portfolio, and have severity scores ranging from 9.0 to 9.8 out of 10.
TLStorm 2.0 follows the discovery and patching of TLStorm: three critical vulnerabilities said to be in millions of Schneider Electric APC Smart-UPS products.
One of the Aruba vulnerabilities, CVE-2022-23677, which received a CVSS score of 9.0 out of 10, is due to a weakness in NanoSSL that can be exploited via a captive portal.
The attack surface for the Avaya switches is the web management portal, and none of its three vulnerabilities require any kind of authentication to exploit.
The second critical Avaya bug, CVE-2022-29861, can lead to a stack overflow during HTTP header parsing, which can be exploited to run arbitrary malicious code remotely on the switch.
News URL: https://go.theregister.com/feed/www.theregister.com/2022/05/03/aruba_avaya_critical_vulns/
Related news
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities
- HPE warns of critical RCE flaws in Aruba Networking access points
- Patch Tuesday: Four Critical Vulnerabilities Paved Over
- Critical vulnerabilities persist in high-risk sectors
- Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities
- CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK
---|---|---|---
2022-05-10 | CVE-2022-23677 | Out-of-bounds Write vulnerability in Arubanetworks products. A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices, version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below; ArubaOS-Switch 16.03.xxxx: All versions; ArubaOS-Switch 16.04.xxxx: All versions; ArubaOS-Switch 16.05.xxxx: All versions; ArubaOS-Switch 16.06.xxxx: All versions; ArubaOS-Switch 16.07.xxxx: All versions; ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0024 and below; ArubaOS-Switch 16.09.xxxx: KB/WB/WC/YA/YB/YC.16.09.0019 and below; ArubaOS-Switch 16.10.xxxx: KB/WB/WC/YA/YB/YC.16.10.0019 and below; ArubaOS-Switch 16.11.xxxx: KB/WB/WC/YA/YB/YC.16.11.0003 and below. | 8.1