Memory corruption

2023-08-2920:15:00

PRIOn knowledge base

www.prio-n.com

arubaos-switch

memory corruption

vulnerability

remote code execution

unauthenticated

privileged user

operating system

9.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.4%

JSON

A memory corruption vulnerability in ArubaOS-Switch could lead to unauthenticated remote code execution by receiving specially crafted packets. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.

CPENameOperatorVersion
arubaos-switcheq< a.15.16.26
arubaos-switchge16.01.0000
arubaos-switchlt16.04.0027
arubaos-switchge16.05.0000
arubaos-switchlt16.08.0027
arubaos-switchge16.10.0001
arubaos-switchlt16.10.0024
arubaos-switchge16.11.0001
arubaos-switchlt16.11.0013

Name	Operator	Version
arubaos-switch	eq	< a.15.16.26
arubaos-switch	ge	16.01.0000
arubaos-switch	lt	16.04.0027
arubaos-switch	ge	16.05.0000
arubaos-switch	lt	16.08.0027
arubaos-switch	ge	16.10.0001
arubaos-switch	lt	16.10.0024
arubaos-switch	ge	16.11.0001
arubaos-switch	lt	16.11.0013

References

www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt