First published: Tue Nov 14 2023(Updated: )
An authenticated vulnerability has been identified allowing an attacker to effectively establish highly privileged persistent arbitrary code execution across boot cycles.
|Affected Software||Affected Version||How to fix|
The vulnerability ID is CVE-2023-45626.
The severity level of CVE-2023-45626 is high.
The affected software includes Arubanetworks ArubaOS versions 10.3.0.0 to 10.4.0.3, 10.5.0.0, and Hp InstantOS versions 18.104.22.168 to 22.214.171.124, 126.96.36.199 to 188.8.131.52, and 184.108.40.206 to 220.127.116.11.
An attacker can establish highly privileged persistent arbitrary code execution across boot cycles.
It is recommended to refer to the Aruba Networks advisory at https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-017.txt for instructions on how to address the vulnerability.