CRITICAL🇵🇱 Wersja polska

CVE-2024-31470

CVSS 9.8v3.1pub. 2024-05-14upd. 2025-06-24

There is a buffer overflow vulnerability in the underlying SAE (Simultaneous Authentication of Equals) service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.

🤖 AI Analysis
How it works

The vulnerability results from a stack buffer overflow (CWE-121) in the SAE service handling the PAPI protocol — Aruba access point management protocol operating on UDP port 8211. An attacker can send specially crafted network packets directly to this port, triggering a buffer overflow and gaining control over the process execution flow. Exploitation does not require any authentication or user interaction, making it particularly dangerous in environments with network access to the management port.

Impact

Successful exploitation allows an attacker to execute arbitrary code with privileged user permissions at the operating system level of the device, resulting in complete takeover of the access point.

Mitigation & patch

Apply patches available from the manufacturer in accordance with the following references: https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us and https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt. As a temporary measure, it is recommended to restrict access to UDP port 8211 (PAPI) exclusively to trusted management hosts using a firewall or ACL lists.

Who is affected

Aruba ArubaOS and HP InstantOS — versions specified in manufacturer references (ARUBA-PSA-2024-006 and HPE Security Bulletin hpesbnw04647en_us)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Arubanetworks Arubaos

    OS
    Arubanetworks
    10.3.0.0 – 10.4.1.1 (bez)10.5.0.0 – 10.5.1.1 (bez)
  • HP Instantos

    OS
    Hp
    6.4.0.0 – 8.6.0.24 (bez)8.7.0.0 – 8.10.0.11 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2024-42395CRITICAL9.8PL ✓ten sam produkt

RCE bez uwierzytelnienia w AP Certificate Management Service (ArubaOS/InstantOS)

CVE-2024-42394CRITICAL9.8PL ✓ten sam produkt

RCE w Soft AP Daemon Service — ArubaOS i InstantOS (KRYTYCZNY)

CVE-2024-42393CRITICAL9.8PL ✓ten sam produkt

RCE w Soft AP Daemon Service — ArubaOS i InstantOS

CVE-2024-31469CRITICAL9.8PL ✓ten sam produkt

Buffer overflow w usłudze Central Communications Aruba – nieuwierzytelnione RCE

CVE-2024-31467CRITICAL9.8PL ✓ten sam produkt

Buffer overflow w CLI service ArubaOS/InstantOS umożliwiający zdalny RCE