CVE-2024-26304

Name of the Vulnerable Software and Affected Versions ArubaOS versions prior to the fixed version

Description The issue is related to a buffer overflow vulnerability in the underlying L2/L3 Management service. This vulnerability could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.

Recommendations As a temporary workaround, consider disabling the PAPI protocol or restricting access to the UDP port 8211 until a patch is available. For versions prior to the fixed version, update to the latest version to resolve the issue. Restrict access to the vulnerable L2/L3 Management service to minimize the risk of exploitation.