Multiple vulnerabilities have been discovered in Aruba 9200 and 9000 Series Controllers and Gateways running ArubaOS. The vulnerabilities related to Buffer Overflow and Hardware Root of Trust bypass. Aruba has released a security advisory for addressing these vulnerabilities.
At the end of August, Aruba released patches for multiple vulnerabilities affecting Aruba Switches, which were related to Stored Cross-site Scripting (Stored XSS), Denial of Service (DoS), and Memory corruption.
These two vulnerabilities are related to Buffer Overflow that exists in the BIOS implementation of Aruba 9200 and 9000 Series Controllers and Gateways. These vulnerabilities can allow a threat actor to execute arbitrary code in the boot sequence.
In addition to this, the threat actor can also gain access to sensitive information in the affected Aruba Series controllers and change them which leads to a complete system compromise. The severity for these vulnerabilities has been given as 8.0 (High).
This vulnerability exists in the secure boot implementation on the affected Aruba 9200 and 9000 Series Controllers and Gateways could allow a threat actor to bypass the security control that prohibits unsigned kernel images from executing.
Furthermore, the threat actor can also use this vulnerability to execute arbitrary runtime operating systems, including unverified and unsigned OS images. The severity of this vulnerability has been given as 7.7 (High).
In order to exploit these vulnerabilities, the threat actor must exploit other vulnerabilities and gain access to the root shell of the Local ArubaOS controller since these vulnerabilities require root shell access for exploitation.
As a workaround, Aruba has recommended its users restrict the CLI and web-based management interfaces to a dedicated layer 2 segment or by firewall policies at layer 3 and above.
“HPE Aruba Networking recommends that the CLI and web-based management interfaces be restricted to a dedicated layer 2 segment/VLAN and/or controlled by firewall policies at layer 3 and above.” reads the security advisory by Aruba.
For detailed information about these vulnerabilities, it is recommended to check the security advisory released by Aruba.
| Affected Products | Affected Software Versions | End-of-support products (Patches will not be released) | Fixed in versions |
| 9200 Series Mobility Controllers and SD-WAN Gateways9000 Series Mobility Controllers and SD-WAN Gateways | ArubaOS 10.4.x.x: 10.4.0.1 and belowArubaOS 8.11.x.x: 8.11.1.0 and belowArubaOS 8.10.x.x: 8.10.0.6 and belowArubaOS 8.6.x.x: 8.6.0.21 and below | ArubaOS 10.3.x.x: allArubaOS 8.9.x.x: allArubaOS 8.8.x.x: allArubaOS 8.7.x.x: allArubaOS 6.5.4.x: allSD-WAN 8.7.0.0-2.3.0.x: allSD-WAN 8.6.0.4-2.2.x.x: all | ArubaOS 10.4.x.x: 10.4.0.2 and aboveArubaOS 8.11.x.x: 8.11.1.1 and aboveArubaOS 8.10.x.x: 8.10.0.7 and aboveArubaOS 8.6.x.x: 8.6.0.22 and above |
Users of these products are recommended to upgrade to the latest ArubaOS versions to fix these vulnerabilities and prevent them from getting exploited.
Keep informed about the latest Cyber Security News by following us on Google News, Linkedin, Twitter, and Facebook.
Pathfinder AI expands Hunters' vision for AI-driven SOCs, introducing Agentic AI for autonomous investigation and…
A recent technical study conducted by researchers at Trinity College Dublin has revealed that Google…
In a concerning development, cybercriminals are increasingly targeting cloud-based generative AI (GenAI) services in a…
Microsoft has introduced a series of technical recommendations to bolster the security of Virtualization-Based Security…
A sophisticated cyber espionage campaign targeting the aviation and satellite communications sectors in the United…
Microsoft has announced the removal of the Data Encryption Standard (DES) encryption algorithm from Kerberos…