CVE-2024-33512

CVSS 9.8 CRITICAL | EPSS 14.6% | CWE-121

In short

A buffer overflow flaw in Aruba's Local User Authentication Database service allows attackers to send specially crafted packets to a specific network port and execute malicious code on the system without needing valid credentials. This is a critical vulnerability because it gives attackers complete control over the affected device.

Technical detail

A stack-based buffer overflow (CWE-121) exists in Aruba's Local User Authentication Database service, which is reachable through the PAPI UDP port (8211). An unauthenticated remote attacker can trigger the overflow by sending malformed packets to that port and achieve arbitrary code execution with elevated privileges. Pre-condition: the PAPI service must be accessible over the network. Impact: successful exploitation grants privileged OS-level code execution.

Summary generated and translated by AI from the official description.
There is a buffer overflow vulnerability in the underlying Local User Authentication Database service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
