ArubaOS-Switch belongs to Aruba Networks and it’s a subsidiary of HPE (Hewlett Packard Enterprise).
It helps centralize network management, and besides this, it also develops diverse products related to networking.
Security Analysts Discovered a multitude of vulnerabilities in ArubaOS-Switch Switches, including CVE-2024-1356, CVE-2024-25611, CVE-2024-25612, CVE-2024-25613, CVE-2024-25614, CVE-2024-25615, and CVE-2024-25616.
However, to mitigate these vulnerabilities, HPE Aruba Networking has released patches for ArubaOS.
Document
Are you from SOC and DFIR teams? – Join With 400,000 independent Researchers
Malware analysis can be fast and simple. Just let us show you the way to:
-
Interact with malware safely
-
Set up virtual machine in Linux and all Windows OS versions
-
Work in a team
-
Get detailed reports with maximum data
Flaws’ Profiles
Here below we have mentioned all the vulnerabilities:-
-
Authenticated Remote Command Execution in the ArubaOS Command Line Interface (CVE-2024-1356, CVE-2024-25611, CVE-2024-25612, CVE-2024-25613)
-
Description: ArubaOS CLI has command injection flaws. Exploits let attackers run arbitrary commands as privileged OS user.
-
Severity: High
-
CVSSv3 Overall Score: 7.2
-
Discovery: These vulnerabilities were discovered and reported by Erik de Jong (bugcrowd.com/erikdejong) via HPE Aruba Networking’s bug bounty program.
-
Workaround: HPE Aruba advises restricting CLI, web management to dedicated L2 segment/VLAN, firewall policies beyond L3 to curb exploit risk.
-
Authenticated Arbitrary File Deletion in ArubaOS CLI (CVE-2024-25614)
-
Description: ArubaOS CLI has an arbitrary file deletion flaw, allowing attackers to delete files on the OS, potentially causing denial-of-service and compromising controller integrity.
-
Severity: Medium
-
CVSSv3 Overall Score: 5.5
-
Discovery: Erik de Jong (bugcrowd.com/erikdejong) uncovered and disclosed this flaw through HPE Aruba’s bug bounty program.
-
Workaround: HPE Aruba advises limiting CLI, web management access to dedicated L2 segment/VLAN, enforcing L3+ firewall rules to mitigate exploitation.
-
Unauthenticated Denial-of-Service (DoS) Vulnerabilities in the Spectrum Service Accessed via the PAPI Protocol (CVE-2024-25615)
-
Description: ArubaOS 8.x faces an unauthenticated DoS flaw in the Spectrum service through the PAPI protocol, enabling disruption of its normal operation when exploited.
-
Severity: Medium
-
CVSSv3 Overall Score: 5.3
-
Discovery: XiaoC from Moonlight Bug Hunter mined and disclosed this flaw through HPE Aruba’s bug bounty initiative.
-
Workaround: Activating Enhanced PAPI Security with custom key blocks exploit. Besides this, it’s been advised to reach HPE Aruba TAC for config aid.
-
ArubaOS Sensitive Information Disclosure (CVE-2024-25616)
-
Description: Certain ArubaOS setups risk leaking sensitive data during the IKE_AUTH negotiation. Disclosure scenarios are intricate and hinge on uncontrollable factors.
-
Severity: Low
-
CVSSv3 Overall Score: 3.7
-
Discovery: Aruba Engineering discovered this vulnerability.
-
Workaround: None
Make sure to update Mobility Controllers, Conductors, Gateways to specified ArubaOS versions to fix vulnerabilities:-
-
ArubaOS 10.5.x.x: 10.5.1.0 and above
-
ArubaOS 10.4.x.x: 10.4.1.0 and above
-
ArubaOS 8.11.x.x: 8.11.2.1 and above
-
ArubaOS 8.10.x.x: 8.10.0.10 and above
As of the advisory release, HPE Aruba is unaware of public exploit code or discussion targeting these flaws.
