CVE-2022-37891

07.10.2022, 18:15

Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. Successful exploitation results in the execution of arbitrary commands on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InnstantOS that address these security vulnerabilities.

Classic Buffer Overflow

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
hpe	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 66%

Vendor	Product	Version
arubanetworks	arubaos	10.3.0.0 ≤ 𝑥 < 10.3.1.1
arubanetworks	instant	6.4.0.0 ≤ 𝑥 < 6.4.4.8-4.2.4.21
arubanetworks	instant	6.5.0.0 ≤ 𝑥 < 6.5.4.24
arubanetworks	instant	8.6.0.0 ≤ 𝑥 < 8.6.0.19
arubanetworks	instant	8.7.0.0 ≤ 𝑥 < 8.7.1.10
arubanetworks	instant	8.10.0.0 ≤ 𝑥 < 8.10.0.2
siemens	scalance_w1750d_firmware	*

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References

https://cert-portal.siemens.com/productcert/pdf/ssa-506569.pdf

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt

https://cert-portal.siemens.com/productcert/pdf/ssa-506569.pdf

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-014.txt