Critical Vulnerabilities Found in HPE Aruba Access Points

Critical vulnerabilities discovered in HPE Aruba Access Points. Multiple severe vulnerabilities have been identified in HPE Aruba Access Points, affecting both Instant AOS-8 and AOS-10, with some allowing unauthenticated remote code execution. Key vulnerabilities include CVE-2024-42509 and CVE-2024-47460, both enabling command injection, and CVE-2024-47461, which allows authenticated command execution. HPE recommends implementing security measures such as enabling cluster security and restricting access to management interfaces to mitigate these risks.