Multiple vulnerabilities have been discovered in Aruba 9200 and 9000 Series Controllers and Gateways running ArubaOS. The vulnerabilities related to Buffer Overflow and Hardware Root of Trust bypass. Aruba has released a security advisory for addressing these vulnerabilities.
At the end of August, Aruba released patches for multiple vulnerabilities affecting Aruba Switches, which were related to Stored Cross-site Scripting (Stored XSS), Denial of Service (DoS), and Memory corruption.
These two vulnerabilities are related to Buffer Overflow that exists in the BIOS implementation of Aruba 9200 and 9000 Series Controllers and Gateways. These vulnerabilities can allow a threat actor to execute arbitrary code in the boot sequence.
In addition to this, the threat actor can also gain access to sensitive information in the affected Aruba Series controllers and change them which leads to a complete system compromise. The severity for these vulnerabilities has been given as 8.0 (High).
This vulnerability exists in the secure boot implementation on the affected Aruba 9200 and 9000 Series Controllers and Gateways could allow a threat actor to bypass the security control that prohibits unsigned kernel images from executing.
Furthermore, the threat actor can also use this vulnerability to execute arbitrary runtime operating systems, including unverified and unsigned OS images. The severity of this vulnerability has been given as 7.7 (High).
In order to exploit these vulnerabilities, the threat actor must exploit other vulnerabilities and gain access to the root shell of the Local ArubaOS controller since these vulnerabilities require root shell access for exploitation.
As a workaround, Aruba has recommended its users restrict the CLI and web-based management interfaces to a dedicated layer 2 segment or by firewall policies at layer 3 and above.
“HPE Aruba Networking recommends that the CLI and web-based management interfaces be restricted to a dedicated layer 2 segment/VLAN and/or controlled by firewall policies at layer 3 and above.” reads the security advisory by Aruba.
For detailed information about these vulnerabilities, it is recommended to check the security advisory released by Aruba.
| Affected Products | Affected Software Versions | End-of-support products (Patches will not be released) | Fixed in versions |
| 9200 Series Mobility Controllers and SD-WAN Gateways9000 Series Mobility Controllers and SD-WAN Gateways | ArubaOS 10.4.x.x: 10.4.0.1 and belowArubaOS 8.11.x.x: 8.11.1.0 and belowArubaOS 8.10.x.x: 8.10.0.6 and belowArubaOS 8.6.x.x: 8.6.0.21 and below | ArubaOS 10.3.x.x: allArubaOS 8.9.x.x: allArubaOS 8.8.x.x: allArubaOS 8.7.x.x: allArubaOS 6.5.4.x: allSD-WAN 8.7.0.0-2.3.0.x: allSD-WAN 8.6.0.4-2.2.x.x: all | ArubaOS 10.4.x.x: 10.4.0.2 and aboveArubaOS 8.11.x.x: 8.11.1.1 and aboveArubaOS 8.10.x.x: 8.10.0.7 and aboveArubaOS 8.6.x.x: 8.6.0.22 and above |
Users of these products are recommended to upgrade to the latest ArubaOS versions to fix these vulnerabilities and prevent them from getting exploited.
Keep informed about the latest Cyber Security News by following us on Google News, Linkedin, Twitter, and Facebook.
Several high-severity vulnerabilities have been identified in Android and Google Pixel devices, exposing millions of…
Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting victims…
The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ advanced…
A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to execute…
Meta has announced the removal of over 2 million accounts connected to malicious activities, including…
Critical security vulnerability has been identified in Veritas Enterprise Vault, a widely-used archiving and content…