Blog
Share This Post
[ad_1]
Updates have been issued by Hewlett Packard Enterprise to fix six security flaws affecting its Aruba Networking Access Point offerings, including a pair of critical unauthenticated command injection bugs within the CLI Service, tracked as CVE-2024-42509 and CVE-2024-47460, which could be leveraged for arbitrary code execution, according to The Hacker News.
Immediate patching of the severe vulnerabilities in impacted Aruba Network products, including AOS-10.4.x.x: 10.4.1.4 and below, Instant AOS-8.12.x.x: 8.12.0.2 and below, and Instant AOS-8.10.x.x: 8.10.0.13 and below, has been urged by Arctic Wolf researchers despite lack of evidence suggesting active exploitation. “…[T]hreat actors may attempt to reverse-engineer the patches to exploit unpatched systems in the near future,” said Arctic Wolf. HPE has also addressed the high-severity Instant AOS-8 and AOS-10 arbitrary remote command execution flaw, tracked as CVE-2024-47461, a pair of high-severity arbitrary file creation bugs, tracked as CVE-2024-47462 and CVE-2024-47463, and a medium severity authenticated path traversal issue, tracked as CVE-2024-47464.
Get essential knowledge and practical strategies to fortify your network security.
[ad_2]
Source link
Subscribe To Our Newsletter
Get updates and learn from the best
More To Explore
US Charges Five People Over North Korean IT Worker Scheme
[ad_1] The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to
In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies
[ad_1] Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York
