CVE-2024-26305

Name of the Vulnerable Software and Affected Versions ArubaOS versions 8.10 through 10.5

Description The issue is related to a buffer overflow vulnerability in the Utility daemon, which could lead to unauthenticated remote code execution by sending specially crafted packets to the PAPI UDP port 8211. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.

Recommendations For ArubaOS versions 8.10 through 10.5, upgrade ArubaOS to a patched version to resolve the issue. As a temporary workaround, consider restricting access to the PAPI UDP port 8211 to minimize the risk of exploitation.