Security updates: Aruba EdgeConnect SD-WAN vulnerable to multiple attacks
The developers at HPE have closed several dangerous security gaps in Aruba's SD-WAN solution EdgeConnect.
(Image: Tatiana Popova/Shutterstock.com)
Following successful attacks on HPE Aruba Networking EdgeConnect SD-WAN Gateways, attackers can penetrate networks and execute their own commands, among other things. Security updates have been released to counter this. The developers have closed a total of ten vulnerabilities. No other products should be affected by the vulnerabilities.
The dangers
Admins use the software to manage a wide area network (WAN). As can be seen from two warning messages(1, 2), the majority of the vulnerabilities are classified as "high". For example, attackers can use a vulnerability (CVE-2024-41914) in the web management interface for a persistent XSS attack. Malicious code is then executed in the victim's browser.
Videos by heise
Another vulnerability (CVE-2024-41133) affects the command line interface. Authenticated remote attackers can use this interface to execute commands with root privileges. According to the developers, this leads to a complete compromise of systems. Attackers can also bypass access restrictions and access information that is sealed off.
Updates available
The developers state that they have closed the gaps in the versions ECOS 9.3.x: ECOS 9.3.4.0, ECOS 9.4.x: ECOS 9.4.2.0 and ECOS 9.5.x: ECOS 9.5.0.0. The following versions are still in support and will receive the security patches:
- HPE Aruba Networking EdgeConnect SD-WAN 9.2.x.x
- HPE Aruba Networking EdgeConnect SD-WAN 9.3.x.x
- HPE Aruba Networking EdgeConnect SD-WAN 9.4.x.x
- HPE Aruba Networking EdgeConnect SD-WAN 9.5.x.x
So far, there are no indications of ongoing attacks. HPE nevertheless advises network admins to update quickly in order to secure systems.
(des)
