HPE Releases Security Updates for Aruba Access Points
/ 1 min read
Hewlett Packard Enterprise addresses critical vulnerabilities in Aruba Networking Access Points. HPE has released security updates for Aruba Networking Access Points to fix multiple vulnerabilities, including two critical command injection flaws (CVE-2024-42509 and CVE-2024-47460) that could allow unauthenticated remote code execution. The affected versions include Instant AOS-8 and AOS-10, with HPE advising users to enable cluster security or block access to specific UDP ports to mitigate risks. Additionally, four other vulnerabilities have been patched, and users are encouraged to restrict access to management interfaces to enhance security.