Tuesday, April 16, 2024

Multiple ArubaOS vulnerabilities Let Attackers Execute Arbitrary Code

Multiple vulnerabilities have been discovered in Aruba 9200 and 9000 Series Controllers and Gateways running ArubaOS. The vulnerabilities related to Buffer Overflow and Hardware Root of Trust bypass. Aruba has released a security advisory for addressing these vulnerabilities.

At the end of August, Aruba released patches for multiple vulnerabilities affecting Aruba Switches, which were related to Stored Cross-site Scripting (Stored XSS), Denial of Service (DoS), and Memory corruption.

CVE-2023-38484, CVE-2023-38485

These two vulnerabilities are related to Buffer Overflow that exists in the BIOS implementation of Aruba 9200 and 9000 Series Controllers and Gateways. These vulnerabilities can allow a threat actor to execute arbitrary code in the boot sequence. 

In addition to this, the threat actor can also gain access to sensitive information in the affected Aruba Series controllers and change them which leads to a complete system compromise. The severity for these vulnerabilities has been given as 8.0 (High).

CVE-2023-38486 – Hardware Root of Trust Bypass

This vulnerability exists in the secure boot implementation on the affected Aruba 9200 and 9000 Series Controllers and Gateways could allow a threat actor to bypass the security control that prohibits unsigned kernel images from executing.

Furthermore, the threat actor can also use this vulnerability to execute arbitrary runtime operating systems, including unverified and unsigned OS images. The severity of this vulnerability has been given as 7.7 (High).

Prerequisites for a Threat Actor & Workaround

In order to exploit these vulnerabilities, the threat actor must exploit other vulnerabilities and gain access to the root shell of the Local ArubaOS controller since these vulnerabilities require root shell access for exploitation.

As a workaround, Aruba has recommended its users restrict the CLI and web-based management interfaces to a dedicated layer 2 segment or by firewall policies at layer 3 and above.

“HPE Aruba Networking recommends that the CLI and web-based management interfaces be restricted to a dedicated layer 2 segment/VLAN and/or controlled by firewall policies at layer 3 and above.” reads the security advisory by Aruba.

For detailed information about these vulnerabilities, it is recommended to check the security advisory released by Aruba.

Affected ProductsAffected Software VersionsEnd-of-support products (Patches will not be released)Fixed in versions
9200 Series Mobility Controllers and SD-WAN Gateways9000 Series Mobility Controllers and SD-WAN GatewaysArubaOS 10.4.x.x: 10.4.0.1 and belowArubaOS 8.11.x.x: 8.11.1.0 and belowArubaOS 8.10.x.x: 8.10.0.6 and belowArubaOS 8.6.x.x: 8.6.0.21 and belowArubaOS 10.3.x.x: allArubaOS 8.9.x.x: allArubaOS 8.8.x.x: allArubaOS 8.7.x.x: allArubaOS 6.5.4.x: allSD-WAN 8.7.0.0-2.3.0.x: allSD-WAN 8.6.0.4-2.2.x.x: allArubaOS 10.4.x.x: 10.4.0.2 and aboveArubaOS 8.11.x.x: 8.11.1.1 and aboveArubaOS 8.10.x.x: 8.10.0.7 and aboveArubaOS 8.6.x.x: 8.6.0.22 and above

Users of these products are recommended to upgrade to the latest ArubaOS versions to fix these vulnerabilities and prevent them from getting exploited.

Keep informed about the latest Cyber Security News by following us on Google NewsLinkedinTwitter, and Facebook.

Website

Latest articles

Hacker Customize LockBit 3.0 Ransomware to Attack Orgs Worldwide

Cybersecurity researchers at Kaspersky have uncovered evidence that cybercriminal groups are customizing the virulent...

Microsoft .NET, .NET Framework, & Visual Studio Vulnerable To RCE Attacks

A new remote code execution vulnerability has been identified to be affecting multiple Microsoft...

LightSpy Hackers Indian Apple Device Users to Steal Sensitive Data

The revival of the LightSpy malware campaign has been observed, focusing on Indian Apple...

LightSpy Malware Attacking Android and iOS Users

A new malware known as LightSpy has been targeting Android and iOS users.This sophisticated...

This Startup Aims To Simplify End-to-End Cybersecurity, So Anyone Can Do It

The Web3 movement is going from strength to strength with every day that passes....

Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild

In a recent security bulletin, Palo Alto Networks disclosed a critical vulnerability in its...

6-year-old Lighttpd Flaw Impacts Intel And Lenovo Servers

The software supply chain is filled with various challenges, such as untracked security vulnerabilities...
Eswar
Eswar
Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Top 3 SME Attack Vectors

Securing the Top 3 SME Attack Vectors

Cybercriminals are laying siege to small-to-medium enterprises (SMEs) across sectors. 73% of SMEs know they were breached in 2023. The real rate could be closer to 100%.

  • Stolen credentials
  • Phishing
  • Exploitation of vulnerabilities

Related Articles