PT-2021-7730 · Aruba+1 · Aruba Instant+1

Published: 2021-03-29 · Updated: 2022-06-04 · CVE-2021-25144

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Aruba Instant versions 6.4.x through 6.4.4.8-4.2.4.17 and below
Aruba Instant versions 6.5.x through 6.5.4.16 and below
Aruba Instant versions 8.3.x through 8.3.0.12 and below
Aruba Instant versions 8.5.x through 8.5.0.6 and below
Aruba Instant versions 8.6.x through 8.6.0.2 and below
Siemens SCALANCE (affected versions not specified)

Description

A remote buffer overflow issue was discovered that can potentially be exploited through specially crafted packets, which could enable a remote attacker to execute arbitrary code. The issue stems from a lack of input size validation, which leads to a buffer overflow condition.

Recommendations

For Aruba Instant versions 6.4.x through 6.4.4.8-4.2.4.17 and below: Apply the released patch from Aruba to address the security vulnerability.
For Aruba Instant versions 6.5.x through 6.5.4.16 and below: Apply the released patch from Aruba to address the security vulnerability.
For Aruba Instant versions 8.3.x through 8.3.0.12 and below: Apply the released patch from Aruba to address the security vulnerability.
For Aruba Instant versions 8.5.x through 8.5.0.6 and below: Apply the released patch from Aruba to address the security vulnerability.
For Aruba Instant versions 8.6.x through 8.6.0.2 and below: Apply the released patch from Aruba to address the security vulnerability.
For Siemens SCALANCE: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow


Weakness Enumeration

Related Identifiers

BDU:2023-02052
CVE-2021-25144

Affected Products

Aruba Instant
Siemens Scalance