Imechapishwa: May 17, 2024 14:16
Advisory No: TZCERT/SA/2024/05/17-3
Source: Hewlett-Packard
Software Affected: Aruba Access Points running InstantOS and ArubaOS 10
Advisory No: TZCERT/SA/2024/05/17-3
Date of First Release: 17th May 2024
Source: Hewlett-Packard
Software Affected: Aruba Access Points running InstantOS and ArubaOS 10
Overview:
Aruba Access Points are vulnerable to multiple critical vulnerabilities. The attackers can leverage the vulnerabilities to execute arbitrary code on the affected Access Point.
Description:
Aruba Access Points are affected by multiple vulnerabilities among them are six (6) critical vulnerabilities with a rating score of 9.8. These flaws include buffer overflow and command injection vulnerabilities. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
Impact:
Successful exploitation of these vulnerabilities may allow an attacker to take control of the affected system.
Solution:
Hewlett-Packard has released security patches for these vulnerabilities. Users and administrators are encouraged to apply necessary updates.
References:
A digest of Tanzania Computer Emergency Response Team coverage of cyber-security news across the globe.