CVE-2024-41134
Published: 24 July 2024
Summary
CVE-2024-41134 is a high-severity Command Injection (CWE-77) vulnerability in Arubanetworks (inferred from references). Its CVSS base score is 7.2 (High).
Operationally, ranked in the top 26.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-38943
Vulnerability details
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result in the ability to execute arbitrary…
more
commands as root on the underlying operating system leading to complete system compromise
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.