Security News > 2024 > May > Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks
2024-05-03 04:50
HPE Aruba Networking (formerly Aruba Networks) has released security updates to address critical flaws impacting ArubaOS that could result in remote code execution (RCE) on affected systems. Of the 10 security defects, four are rated critical in severity - CVE-2024-26304 (CVSS score: 9.8) - Unauthenticated Buffer Overflow Vulnerability in the L2/L3 Management Service Accessed via
News URL
https://thehackernews.com/2024/05/four-critical-vulnerabilities-expose.html
Related news
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- CISA warns of critical Oracle, Mitel flaws exploited in attacks (source)
- Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection (source)
- SAP fixes critical vulnerabilities in NetWeaver application servers (source)
- Critical vulnerabilities remain unresolved due to prioritization gaps (source)
- Critical SimpleHelp vulnerabilities fixed, update your server instances! (source)
- Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation (source)
- SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks (source)