CVE-2024-25611

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Mar 5, 2024
Updated: Jul 3, 2024
CWE ID 77

Summary

CVE-2024-25611 refers to authenticated command injection vulnerabilities present in the ArubaOS command line interface. These vulnerabilities allow attackers with valid credentials to inject and execute arbitrary commands with elevated privileges on the underlying operating system. Successfully exploiting these flaws can lead to significant security risks, including unauthorized system access and data breaches. Systems running affected versions of ArubaOS are at risk until patches are applied.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share