CVE-2024-33511
Published: 01 May 2024
Summary
CVE-2024-33511 is a critical-severity stack-based buffer overflow (CWE-121) vulnerability in Aruba Networks products (vendor inferred from references). Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 4.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2024-33511 is a buffer overflow vulnerability in the Automatic Reporting service of Aruba networking products. The flaw resides in the handling of Aruba's PAPI access-point management protocol and is reachable on UDP port 8211. Successful exploitation grants an attacker the ability to run arbitrary code with elevated privileges on the underlying operating system.
An unauthenticated remote attacker can exploit the issue by sending specially crafted PAPI packets to the affected UDP port. No authentication or user interaction is required, and the CVSS 9.8 score reflects that the attack can be carried out over the network with low complexity, resulting in full confidentiality, integrity, and availability impact.
Aruba has published advisory ARUBA-PSA-2024-004.txt that addresses the vulnerability. The EPSS score for this CVE has remained steady at 0.2285 with no material increase observed after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-31249
Vulnerability details
There is a buffer overflow vulnerability in the underlying Automatic Reporting service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.