There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
An attacker sends specially crafted UDP packets to port 8211, which is handled by the PAPI protocol (Aruba Access Point management protocol). Improper handling of these packets by the Central Communications service leads to a stack-based buffer overflow (CWE-121). The vulnerability allows an attacker to take control of program execution flow without needing any credentials.
An attacker can execute arbitrary code with privileged user permissions at the operating system level of the device, which may lead to complete device compromise, loss of data confidentiality, system integrity, and availability.
Security patches available from the manufacturer should be applied in accordance with references — Aruba Networks security bulletin ARUBA-PSA-2024-006 and HPE bulletin hpesbnw04647en_us. Additionally, as a temporary measure, it is recommended to restrict access to UDP port 8211 (PAPI) exclusively to trusted hosts using firewall rules or network segmentation.
Devices running ArubaOS and HP InstantOS software — specific versions indicated in manufacturer references (ARUBA-PSA-2024-006 and HPE bulletin hpesbnw04647en_us)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HArubanetworks Arubaos
OSArubanetworks10.3.0.0 – 10.4.1.1 (bez)10.5.0.0 – 10.5.1.1 (bez)HP Instantos
OSHp6.4.0.0 – 8.6.0.24 (bez)8.7.0.0 – 8.10.0.11 (bez)
Related vulnerabilities
RCE bez uwierzytelnienia w AP Certificate Management Service (ArubaOS/InstantOS)
RCE w Soft AP Daemon Service — ArubaOS i InstantOS (KRYTYCZNY)
RCE w Soft AP Daemon Service — ArubaOS i InstantOS
Buffer overflow w usłudze SAE Aruba ArubaOS / InstantOS — nieuwierzytelniony RCE
Buffer overflow w CLI service ArubaOS/InstantOS umożliwiający zdalny RCE