About:
RedLegg will occasionally communicate vulnerabilities released outside the usual release schedule to provide additional value to our customers. These emergency bulletins describe vulnerabilities or threats that we classify at the highest severity level and that warrant out-of-band emergency patching or mitigation action.
VULNERABILITIES
Aruba Access Point Management Protocol Remote Code Execution Vulnerability
CVSS Score: 9.0 (Critical), 9.8 (Critical)
Identifier: CVE-2024-47460, CVE-2024-42509
Exploit or POC: No known public proof of concept has been reported. Update: HPE Security Advisory (https://support.hpe.com)
Description: CVE-2024-47460 and CVE-2024-42509 are critical command injection vulnerabilities in the underlying CLI service of Aruba's Access Point management protocol (PAPI). An unauthenticated remote attacker could exploit this flaw by sending specially crafted packets to UDP port 8211, leading to arbitrary code execution with privileged access on the affected system.
Mitigation Recommendation: Patching is currently the only method of mitigation. Please update to the latest software versions as listed in the HPE Security Advisory (https://support.hpe.com). Immediate patching is recommended to prevent potential exploitation.
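Because the advisory offers no workaround beyond patching, the defender's remaining lever while updates roll out is visibility into which hosts are reaching access points on UDP port 8211. The following Python triage script is an added example, not code from RedLegg or HPE: it scans constructed flow records and flags PAPI traffic arriving from outside assumed management networks. The network ranges, the single-line flow format and the field names are all assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Iterable, List

# Assumed: networks from which PAPI traffic to APs is expected
# (controller / management segment and the AP segment itself).
MGMT_NETWORKS = [
    ipaddress.ip_network("10.10.0.0/16"),
    ipaddress.ip_network("10.20.0.0/16"),
]
PAPI_PORT = 8211  # PAPI listens on UDP/8211 per the advisory


@dataclass
class Flow:
    src: str
    dst: str
    proto: str
    dport: int


def parse_flow(line: str) -> Flow:
    """Parse one constructed flow record: '<src> <dst> <proto> <dport>'."""
    src, dst, proto, dport = line.split()
    return Flow(src, dst, proto.lower(), int(dport))


def is_unexpected_papi(flow: Flow) -> bool:
    """True for UDP/8211 traffic whose source is outside every management net."""
    if flow.proto != "udp" or flow.dport != PAPI_PORT:
        return False
    src = ipaddress.ip_address(flow.src)
    return not any(src in net for net in MGMT_NETWORKS)


def find_unexpected_papi(lines: Iterable[str]) -> List[Flow]:
    """Return the flows that should be reviewed while the APs remain unpatched."""
    return [f for f in map(parse_flow, lines) if is_unexpected_papi(f)]


# Constructed sample flows (not real telemetry).
SAMPLE_FLOWS = [
    "10.10.5.20 10.20.1.7 udp 8211",    # controller to AP: expected
    "203.0.113.45 10.20.1.7 udp 8211",  # external source to AP on PAPI: flag
    "10.20.1.7 10.10.5.20 udp 8211",    # AP to controller: expected
    "198.51.100.9 10.20.1.7 tcp 443",   # not PAPI: ignored
]

if __name__ == "__main__":
    for flow in find_unexpected_papi(SAMPLE_FLOWS):
        print(f"review: {flow.src} -> {flow.dst} udp/{flow.dport}")
```

Run against exported flow or firewall logs after reshaping each record into the four-field form, and treat every flagged source as something to explain or block at the network edge.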