CRITICAL🇵🇱 Wersja polska

CVE-2024-31466

CVSS 9.8v3.1pub. 2024-05-14upd. 2025-06-24

There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.

🤖 AI Analysis
How it works

The vulnerability (CWE-121 — stack-based buffer overflow) is located in the PAPI protocol handling layer, which is Aruba's access point management protocol running on UDP port 8211. An attacker can send specially crafted packets to this port, causing a buffer overflow on the stack in the CLI service. Successful exploitation of the vulnerability allows arbitrary code execution with the privileges of a privileged system user, without the need to possess any credentials.

Impact

An attacker gains the ability to execute arbitrary code with the privileges of a privileged user on the device's operating system, which means complete takeover of the access point or network controller.

Mitigation & patch

Apply patches available from the manufacturer in accordance with the references: https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us and https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt. As a temporary workaround, it is recommended to restrict access to UDP port 8211 (PAPI) exclusively to trusted hosts using firewall or ACL lists on edge devices.

Who is affected

Devices running ArubaOS (Aruba Networks) and HP InstantOS — specific versions indicated in the manufacturer's references (ARUBA-PSA-2024-006 and HPE Security Bulletin hpesbnw04647)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Arubanetworks Arubaos

    OS
    Arubanetworks
    10.3.0.0 – 10.4.1.1 (bez)10.5.0.0 – 10.5.1.1 (bez)
  • HP Instantos

    OS
    Hp
    6.4.0.0 – 8.6.0.24 (bez)8.7.0.0 – 8.10.0.11 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2024-42395CRITICAL9.8PL ✓ten sam produkt

RCE bez uwierzytelnienia w AP Certificate Management Service (ArubaOS/InstantOS)

CVE-2024-42394CRITICAL9.8PL ✓ten sam produkt

RCE w Soft AP Daemon Service — ArubaOS i InstantOS (KRYTYCZNY)

CVE-2024-42393CRITICAL9.8PL ✓ten sam produkt

RCE w Soft AP Daemon Service — ArubaOS i InstantOS

CVE-2024-31470CRITICAL9.8PL ✓ten sam produkt

Buffer overflow w usłudze SAE Aruba ArubaOS / InstantOS — nieuwierzytelniony RCE

CVE-2024-31468CRITICAL9.8PL ✓ten sam produkt

Buffer overflow w usłudze Central Communications ArubaOS/InstantOS — nieuwierzytelniony RCE