-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

HPE Aruba Networking Product Security Advisory
===============================

Advisory ID: HPESBNW04971
CVE: CVE-2025-37163, CVE-2024-12084, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747
Publication Date: 2025-Nov-18
Status: Confirmed
Severity: High
Revision: 1

Title
=====
HPE Aruba Networking Management Software (AirWave), Multiple Vulnerabilities

Overview
========
HPE Aruba Networking has released a software update for the HPE Aruba Networking Management Software (AirWave) that addresses multiple security vulnerabilities.

Affected Products
=================
HPE Aruba Networking Management Software (AirWave) - 8.3.0.4 and below

Unaffected Products
===================
All other HPE Aruba Networking products and software versions not explicitly listed above are not affected by the vulnerabilities described in the Details section below.

Details
=======
Authenticated Command Injection Vulnerability in HPE Aruba Networking Management Software (AirWave) CLI (CVE-2025-37163)
---------------------------------------------------------------------
A command injection vulnerability has been identified in the command line interface of the HPE Aruba Networking AirWave Platform. An authenticated attacker could exploit this vulnerability to execute arbitrary operating system commands with elevated privileges on the underlying operating system.

Internal References: ATLAW-205
Severity: High
CVSS v3.1 Base Score: 7.2
CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Discovery: This vulnerability was discovered and reported by Michael "Smolli" Smolinski through HPE Aruba Networking SIRT.

Workaround: None.
Multiple Vulnerabilities in Rsync Daemon allow for Remote Code Execution, Directory Traversal, and Sensitive Information Disclosure (CVE-2024-12084, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747)
---------------------------------------------------------------------
Rsync, a versatile file-synchronizing tool, contains six vulnerabilities present within versions 3.3.0 and below. Rsync can be used to sync files between remote and local computers, as well as storage devices. The discovered vulnerabilities include heap-buffer overflow, information leak, file leak, external directory file-write, safe-links bypass, and symbolic-link race condition.

Internal References: ATLAW-204
Severity: Medium
CVSS v3.1 Base Score: 6.7
CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Discovery: Simon Scannell, Pedro Gallegos, and Jasiel Spelman from Google Cloud Vulnerability Research, and Aleksei Gorban.

Workaround: To minimize the likelihood of an attacker exploiting this vulnerability, HPE Aruba Networking recommends that the CLI and web-based management interfaces be restricted to a dedicated layer 2 segment/VLAN and/or controlled by firewall policies at layer 3 and above, along with accounting controls for tracking and logging user activities and resource usage.

Note: The Rsync vulnerabilities listed above are reported according to the public information found in the NVD.

Resolution
==========
Upgrade the HPE Aruba Networking Management Software (AirWave) to the version listed below to resolve the vulnerabilities described in the Details section above:

- AirWave 8.3.0.5 and above

The software version containing fixes for the vulnerabilities described above is available for download from the HPE Networking Support Portal:

https://networkingsupport.hpe.com/home/

Workaround
==========
Vulnerability-specific workarounds are listed per vulnerability above. You may contact HPE Services - Aruba Networking for assistance if needed.
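The version windows above ("8.3.0.4 and below" affected, "8.3.0.5 and above" fixed, rsync "3.3.0 and below" affected) are the kind of boundaries an inventory check has to get exactly right, and a naive string comparison gets them wrong for multi-digit components. The following script is an added example written for this advisory, not a tool from HPE Aruba Networking: it parses dotted version strings into integer tuples, pads them to equal width, and classifies each host against the advisory's thresholds. The hostnames, the sample inventory and the assumed `rsync --version` first-line format are constructed for the example.

```python
# Added example for advisory HPESBNW04971: an inventory check that maps
# reported version strings onto the affected/fixed windows stated above.
# Illustrative code, not an HPE Aruba Networking tool.
import re
from typing import Dict, List, Tuple

# Version boundaries copied from the advisory text.
AIRWAVE_LAST_AFFECTED = "8.3.0.4"  # "8.3.0.4 and below" is affected
AIRWAVE_FIRST_FIXED = "8.3.0.5"    # "AirWave 8.3.0.5 and above" resolves the issues
RSYNC_LAST_AFFECTED = "3.3.0"      # rsync "versions 3.3.0 and below" carry the six CVEs

AIRWAVE_CVES = ["CVE-2025-37163"]
RSYNC_CVES = ["CVE-2024-12084", "CVE-2024-12085", "CVE-2024-12086",
              "CVE-2024-12087", "CVE-2024-12088", "CVE-2024-12747"]


def parse_version(text: str) -> Tuple[int, ...]:
    """Pull the first dotted numeric version out of free text and return it
    as a tuple of ints, so that 8.3.0.10 compares greater than 8.3.0.9
    (a plain string comparison would rank them the other way round)."""
    match = re.search(r"\d+(?:\.\d+)+", text)
    if not match:
        raise ValueError(f"no dotted version found in {text!r}")
    return tuple(int(part) for part in match.group(0).split("."))


def at_or_below(version: str, ceiling: str) -> bool:
    """True if version <= ceiling. Shorter tuples are zero-padded so that
    a bare '8.3' is treated as 8.3.0.0 and falls inside the affected window."""
    v, c = parse_version(version), parse_version(ceiling)
    width = max(len(v), len(c))
    v += (0,) * (width - len(v))
    c += (0,) * (width - len(c))
    return v <= c


def assess_airwave(version: str) -> Dict[str, object]:
    """Classify one AirWave host against the advisory's version window.
    An affected AirWave build carries both the CLI CVE and the bundled rsync CVEs."""
    affected = at_or_below(version, AIRWAVE_LAST_AFFECTED)
    return {
        "product": "AirWave",
        "version": version,
        "affected": affected,
        "cves": AIRWAVE_CVES + RSYNC_CVES if affected else [],
        "action": f"upgrade to {AIRWAVE_FIRST_FIXED} or later" if affected else "none",
    }


def assess_rsync(version_output: str) -> Dict[str, object]:
    """Classify a standalone rsync build from the first line of `rsync --version`.
    The line format 'rsync  version 3.2.7  protocol version 31' is an assumption
    for this example; only the first dotted number is used."""
    version = ".".join(str(p) for p in parse_version(version_output))
    affected = at_or_below(version, RSYNC_LAST_AFFECTED)
    return {
        "product": "rsync",
        "version": version,
        "affected": affected,
        "cves": RSYNC_CVES if affected else [],
        # The advisory states no fixed rsync version, so the action stays generic.
        "action": "update to a vendor-fixed rsync build" if affected else "none",
    }


def triage(inventory: List[Tuple[str, str]]) -> List[Dict[str, object]]:
    """Run every (hostname, version string) pair through the AirWave check
    and return only the hosts that still need the upgrade."""
    findings = []
    for host, version in inventory:
        result = assess_airwave(version)
        if result["affected"]:
            findings.append({"host": host, **result})
    return findings


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are invented.
    sample = [("airwave-01.example.net", "8.3.0.4"),
              ("airwave-02.example.net", "8.3.0.5"),
              ("airwave-03.example.net", "8.2.15.1")]
    for finding in triage(sample):
        print(f"{finding['host']}: {finding['version']} affected, {finding['action']}")
```

The tuple comparison is the point of the example: "8.3.0.10" must classify as fixed even though it sorts before "8.3.0.5" as a string, and a host that reports a truncated "8.3" must still be flagged rather than silently skipped.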
For more information, please visit the HPE Aruba Networking Support Portal at https://networkingsupport.hpe.com/home

Exploitation and Public Discussion
==================================
Except for the Rsync vulnerabilities (CVE-2024-12084, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747), which have already been publicly disclosed through the VINCE CERT Coordination Center, HPE Aruba Networking is not aware of any public discussion or exploit code targeting the vulnerabilities described in this advisory. Additionally, as of the advisory's release date, HPE Aruba Networking has no evidence of tools or techniques actively exploiting these vulnerabilities in HPE Aruba Networking Management Software (AirWave) or in any other HPE Aruba Networking products.

More information can be found at: https://www.kb.cert.org/vuls/id/952657

Revision History
================
Revision 1 / 2025-Nov-18 / Initial release

HPE Aruba Networking SIRT Security Procedures
==============================
Complete information on reporting security vulnerabilities in HPE Aruba Networking products and obtaining assistance with security incidents is available at:

https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00100637en_us

For reporting *NEW* HPE Aruba Networking security issues, email can be sent to aruba-sirt(at)hpe.com. For sensitive information we encourage the use of PGP encryption. Our public keys can be found at:

https://www.hpe.com/info/psrt-pgp-key

(c) Copyright 2025 by Hewlett Packard Enterprise Development LP.
This advisory may be redistributed freely after the release date given at the top of the text, provided that the redistributed copies are complete and unmodified, including all data and version information.

-----BEGIN PGP SIGNATURE-----

iQHLBAEBCAA1FiEEMErWmuZGsYOCo0+xpjMm7I0cE64FAmkXQhEXHHNlY3VyaXR5
LWFsZXJ0QGhwZS5jb20ACgkQpjMm7I0cE658igv5Ac5Pa7LRo34b4bfl5y2aiENX
uWEFqF+pTt0a0CP2KuZojhPQebPyMCoVN0sOpeIxk6BIVzi0M76zGfzefpdqhYhk
ZFspHndtOabAGkaos3y4E9T0WvCrK3bK4/u91NU+KZ4FtkVHMlDre2UFzb3pZmrt
LSsxVQzgkODOqi9e0nWMd1MAUAL+lZjBQeP+TCR18bKBhpFdsFYvIzEIPn8y7QQo
LdStFNtM9+SY5OVQ8zyfHoFJPs8tpYOkSxG1XNTo0ItL1WKH42oLJeSQ8qz5marp
ek3gdFK5axaH5YDPU+Zlh0uIS+or3BTDd2T+uoDs4lzt1wWzReNe+a61sSC+H7Ko
mxD5s+776giLBTQx7bWcne8R5RfsHx1BRHLYo8Epr8MJIeuxVhhfQhhYCtT59VnR
481+vDu/wvmyNI9vOl413MFvR4LjNaEFBD4QVDLC60pQEKkHcVJF87rvNw73yl3+
r97VswLePzw7c6yJZLdqiXRgNcffFFCJieBuEO1L
=XTDF
-----END PGP SIGNATURE-----