Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks

2024-05-03 04:50

HPE Aruba Networking (formerly Aruba Networks) has released security updates to address critical flaws impacting ArubaOS that could result in remote code execution (RCE) on affected systems. Of the 10 security defects, four are rated critical in severity - CVE-2024-26304 (CVSS score: 9.8) - Unauthenticated Buffer Overflow Vulnerability in the L2/L3 Management Service Accessed via

News URL

https://thehackernews.com/2024/05/four-critical-vulnerabilities-expose.html

#aruba #attack #critical #HPE #RCE #vulnerabilities #CVE-2024-26304

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2024-05-01	CVE-2024-26304	There is a buffer overflow vulnerability in the underlying L2/L3 Management service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211).	0.0

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
HPE		174	0	45	82	21	148

News URL

Related news

Related Vulnerability

Related vendor