HPE Aruba Networking has issued a security advisory addressing multiple vulnerabilities in ArubaOS (AOS), the operating system that runs on its Mobility Conductors, Mobility Controllers, and Gateways, which are widely deployed in enterprise networks. If exploited, these vulnerabilities could allow an authenticated attacker to execute arbitrary commands or overwrite system files on the affected device, posing a significant risk to the network it controls.
Two primary vulnerabilities have been identified, both requiring authentication to the management plane:
- Authenticated Remote Code Execution in the AOS Web-based Management Interface (CVE-2025-23051, CVSS 7.2): An authenticated parameter injection vulnerability in the web-based management interface of AOS-8 and AOS-10 could allow an attacker to overwrite arbitrary system files. As the advisory notes, “Successful exploitation could allow an authenticated user to leverage parameter injection to overwrite arbitrary system files.”
- Authenticated Command Injection in the CLI Interface (CVE-2025-23052, CVSS 7.2): This vulnerability in the command-line interface of AOS could allow an authenticated attacker to execute arbitrary commands as a privileged user on the underlying operating system. The advisory explains, “Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands as a privileged user on the underlying operating system.”
HPE Aruba Networking urges users to upgrade their devices to the latest AOS versions to mitigate these vulnerabilities.
The following versions are available to address the issues:
- AOS-10.7.x.x: 10.7.0.0 and above
- AOS-10.4.x.x: 10.4.1.5 and above
- AOS-8.12.x.x: 8.12.0.3 and above
- AOS-8.10.x.x: 8.10.0.15 and above
As a workaround, HPE Aruba Networking recommends restricting access to the CLI and web-based management interfaces. This can be achieved by isolating these interfaces to a dedicated Layer 2 segment/VLAN and implementing firewall policies at Layer 3 and above. Because both issues require authentication, the workaround narrows who can reach the interfaces rather than removing the flaws, so upgrading remains the actual fix.
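The two things an operator will want to verify after reading this are whether each device is on a fixed build from the version list above, and whether the workaround actually holds, i.e. whether the web UI and CLI are still reachable from a network segment that should not have access. The following script is an added example, not code from the advisory or from HPE Aruba Networking. The fixed-version table is taken from the page; the assumption that the web interface listens on TCP 443 and the CLI on TCP 22 (SSH) is the author's, and branches not named in the advisory excerpt (for example 8.11 or 10.5) are reported as unknown rather than guessed at.

```python
"""Check AOS builds against the fixed versions in the advisory and probe
management-port reachability from the current network vantage point."""
import socket

# Fixed versions per release branch, as listed in the advisory excerpt above.
# Branches missing from this table are NOT assumed fixed or affected.
FIXED_VERSIONS = {
    (10, 7): (10, 7, 0, 0),   # AOS-10.7.x.x: 10.7.0.0 and above
    (10, 4): (10, 4, 1, 5),   # AOS-10.4.x.x: 10.4.1.5 and above
    (8, 12): (8, 12, 0, 3),   # AOS-8.12.x.x: 8.12.0.3 and above
    (8, 10): (8, 10, 0, 15),  # AOS-8.10.x.x: 8.10.0.15 and above
}

# Assumed default management ports (web UI over HTTPS, CLI over SSH).
MGMT_PORTS = {"web-ui": 443, "ssh-cli": 22}


def parse_aos_version(text: str) -> tuple:
    """Parse an 'a.b.c.d' AOS version string into a tuple of ints.

    Anything that is not exactly four numeric components is rejected rather
    than silently compared, since a partial string could mask an old build.
    """
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised AOS version string: {text!r}")
    return tuple(int(p) for p in parts)


def assess_version(text: str) -> str:
    """Classify a build as 'fixed', 'update-required' or 'unknown-branch'.

    Comparison is done within the release branch (major.minor), matching the
    'X and above' wording of the advisory; crossing branches is not implied.
    """
    version = parse_aos_version(text)
    fixed = FIXED_VERSIONS.get(version[:2])
    if fixed is None:
        return "unknown-branch"
    return "fixed" if version >= fixed else "update-required"


def probe_management_ports(host: str, ports=MGMT_PORTS, timeout: float = 2.0) -> dict:
    """Return {name: reachable} for each management port, from this host's
    point of view. Run it from a segment that should be blocked by the
    Layer 3 policy: any True result means the workaround is not effective
    from that segment."""
    result = {}
    for name, port in ports.items():
        try:
            with socket.create_connection((host, port), timeout=timeout):
                result[name] = True
        except OSError:
            result[name] = False
    return result


def audit(inventory: dict, probe: bool = False) -> dict:
    """Assess every device in {host: version}; optionally probe its ports."""
    report = {}
    for host, version in inventory.items():
        entry = {"version": version, "status": assess_version(version)}
        if probe:
            entry["reachable"] = probe_management_ports(host)
        report[host] = entry
    return report


if __name__ == "__main__":
    # Constructed sample inventory; hosts and versions are illustrative only.
    sample_inventory = {
        "192.0.2.10": "8.10.0.12",
        "192.0.2.11": "8.12.0.3",
        "192.0.2.12": "10.4.1.4",
        "192.0.2.13": "8.11.2.0",
    }
    for host, entry in audit(sample_inventory).items():
        print(f"{host:<14} {entry['version']:<10} {entry['status']}")
```

Run the probe from an untrusted VLAN (for example, a user or guest segment) against each controller; the version assessment can be fed from whatever inventory source holds the `show version` output. Treat `unknown-branch` as a prompt to read the full advisory, not as a pass.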