www.belgium.be Logo of the federal government

Warning: ARUBA NETWORKS PUBLISHED 33 NEW VULNERABILITIES OF WHICH 6 ARE RATED CRITICAL, MITIGATE IMMEDIATELY!

Reference: 
Advisory #2023-22
Version: 
1.0
Affected software: 
ArubaOS 8.6.x.x: 8.6.0.19 and below
ArubaOS 8.10.x.x: 8.10.0.4 and below
ArubaOS 10.3.x.x: 10.3.1.0 and below
SD-WAN 8.7.0.0-2.3.0.x: 8.7.0.0-2.3.0.8 and below
Type: 
Unauthenticated Remote Code Execution
CVE/CVSS: 

Selection of the most critical vulnerabilties in the report:

CVE-2023-22747: 9.8 (CVSS:3.1/AV: N/AC: L/PR: N/UI: N/S: U/C:H/I:H/A:H)
CVE-2023-22748: 9.8 (CVSS:3.1/AV: N/AC: L/PR: N/UI: N/S: U/C:H/I:H/A:H)
CVE-2023-22749: 9.8 (CVSS:3.1/AV: N/AC: L/PR: N/UI: N/S: U/C:H/I:H/A:H)
CVE-2023-22750: 9.8 (CVSS:3.1/AV: N/AC: L/PR: N/UI: N/S: U/C:H/I:H/A:H)
CVE-2023-22751: 9.8 (CVSS:3.1/AV: N/AC: L/PR: N/UI: N/S: U/C:H/I:H/A:H)
CVE-2023-22752: 9.8 (CVSS:3.1/AV: N/AC: L/PR: N/UI: N/S: U/C:H/I:H/A:H)

Sources

https://asp.arubanetworks.com/notifications/Tm90aWZpY2F0aW9uOjEzNzAw;notificationCategory=Security

Risks

A Software-defined Wide Area Network (SD-WAN) is a virtual WAN architecture that allows enterprises to leverage any combination of transport services, including MPLS, LTE and broadband internet services, to securely connect users to applications.

Successful exploitation of any of these critical vulnerabilities result in code execution by the attacker with high privileges and has a HIGH impact on Confidentiality, Integrity, and Availability.

Description

CVE-2023-22747, CVE-2023-22748, CVE-2023-22749 & CVE-2023-22750:

The above mentioned four command injection vulnerabilities can lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system.

CVE-2023-22751 & CVE-2023-22752:

The above mentioned two stack-based buffer overflow vulnerabilities can lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
 

Recommended Actions

The Centre for Cyber Security Belgium strongly recommends system administrators to take the following actions:

Enable the Enhanced PAPI Security feature using a non-default key will prevent exploitation of these vulnerabilities.

References

https://www.cybersecurity-help.cz/vdb/SB2023030113