Cyber Resilience

CVE-2022-23677

Severity: High
Published: 10 May 2022
Modified: 21 November 2024
KEV Added: not listed
Patch: available
CVSS Score v3.1: 8.1 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0569 (90.6th percentile)
Risk Priority: 20 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2022-23677 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Aruba Networks 5406R firmware, one of several affected ArubaOS-Switch products. Its CVSS base score is 8.1 (High).

Operationally, it ranks in the top 9.4% of CVEs by exploit likelihood (EPSS 90.6th percentile); it is not currently listed in the CISA KEV catalog.

Deeper analysis

A remote arbitrary code execution vulnerability exists in ArubaOS-Switch software running on Aruba networking devices. The affected releases include all versions of 15.xx.xxxx, 16.01.xxxx, 16.03.xxxx through 16.07.xxxx, and builds at or below K.16.02.0033, KB/WB/WC/YA/YB/YC.16.08.0024, KB/WB/WC/YA/YB/YC.16.09.0019, KB/WB/WC/YA/YB/YC.16.10.0019, and KB/WB/WC/YA/YB/YC.16.11.0003. The flaw is tracked as CWE-787 and carries a CVSS 3.1 score of 8.1.

An unauthenticated attacker may exploit the issue remotely over the network without user interaction. Although the attack complexity is rated high, successful exploitation can result in full control of the device, allowing arbitrary code execution that impacts confidentiality, integrity, and availability.

Aruba has published advisory ARUBA-PSA-2022-008 and released upgraded firmware versions that remediate the vulnerability for the listed ArubaOS-Switch releases. The current EPSS score of 0.0569 with a peak of 0.0649 does not indicate a material rise warranting renewed attention.

Vulnerability details

A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices. Affected version(s):

ArubaOS-Switch 15.xx.xxxx: All versions
ArubaOS-Switch 16.01.xxxx: All versions
ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below
ArubaOS-Switch 16.03.xxxx: All versions
ArubaOS-Switch 16.04.xxxx: All versions
ArubaOS-Switch 16.05.xxxx: All versions
ArubaOS-Switch 16.06.xxxx: All versions
ArubaOS-Switch 16.07.xxxx: All versions
ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0024 and below
ArubaOS-Switch 16.09.xxxx: KB/WB/WC/YA/YB/YC.16.09.0019 and below
ArubaOS-Switch 16.10.xxxx: KB/WB/WC/YA/YB/YC.16.10.0019 and below
ArubaOS-Switch 16.11.xxxx: KB/WB/WC/YA/YB/YC.16.11.0003 and below

Aruba has released upgrades for ArubaOS-Switch Devices that address these security vulnerabilities.

CWE(s)

CWE-787: Out-of-bounds Write

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: arubanetworks
Affected version ranges (identical for every product listed below): 15.00.0 — 15.16.0023 · 16.01.0 — 16.02.0034 · 16.03.0 — 16.04.0024
Products: 5406r firmware, 2920 firmware, 2930f firmware, 2930m firmware, 2530 firmware, 2540 firmware, 5412r firmware, 2615 firmware, 2620 firmware, 2915 firmware
+1 more product configuration(s) — see NVD for full list

Mitigating Controls

Likely Mitigating Controls (AI-derived)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Control addressing CWE-787: memory protections that prevent writable memory from being executed. Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by these protections.

References