Cyber Resilience

CVE-2024-26305

Critical

Published: 01 May 2024

Published
01 May 2024
Modified
15 April 2026
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0799 92.3th percentile
Risk Priority 24 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-26305 is a critical-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Arubanetworks (inferred from references). Its CVSS base score is 9.8 (Critical).

Operationally, ranked in the top 7.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

CVE-2024-26305 is a stack-based buffer overflow in the Utility daemon of Aruba networking devices. The flaw resides in the handling of Aruba's PAPI management protocol and can be triggered over UDP port 8211, allowing unauthenticated remote code execution with privileged operating-system rights.

An attacker with network reachability to the PAPI port can send specially crafted packets that overflow the buffer and execute arbitrary code without authentication or user interaction. Successful exploitation grants full control of the underlying operating system on affected access points and controllers.

Aruba published advisory ARUBA-PSA-2024-004 describing the issue and directing customers to available software updates.

EPSS for the CVE rose from low values after disclosure to a peak of 0.1645 in December 2025 before receding to the current 0.0799, indicating a period of increased exploitation interest that later subsided.

EU & UK References

Vulnerability details

There is a buffer overflow vulnerability in the underlying Utility daemon that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this…

more

vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Arubanetworks
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References