TLStorm 2.0 impacts Aruba and Avaya Network Switches


By MYBRANDBOOK


TLStorm 2.0 impacts Aruba and Avaya Network Switches

Cybersecurity researchers have found as many as five severe security flaws in the implementation of TLS protocol in several models of Aruba and Avaya network switches that could be exploited to gain remote access to enterprise networks and steal valuable information.

 

The findings follow the March disclosure of TLStorm, a set of three critical flaws in APC Smart-UPS devices that could permit an attacker to take over control and physically damage the appliances. Dubbed as TLStorm 2.0, the new set of flaws provide Aruba and Avaya network switches vulnerable to remote code execution vulnerabilities.

 

Affected devices include Avaya ERS3500 Series, ERS3600 Series, ERS4900 Series, and ERS5900 Series as well as Aruba 5400R Series, 3810 Series, 2920 Series, 2930F Series, 2930M Series, 2530 Series, and 2540 Series.

 

It enables the attacker to seize the devices, move laterally across the network, and leak sensitive data. The vulnerabilities found in Avaya switches are zero-click, meaning they can be activated via unauthenticated network packets without any user interaction, which is even more concerning.

 

The list of bugs is as follows -

· CVE-2022-23676 - Two memory corruption vulnerabilities in the RADIUS client implementation of Aruba switches

· CVE-2022-23677 - NanoSSL misuse on multiple interfaces in Aruba switches

· CVE-2022-29860 - TLS reassembly heap overflow vulnerability in Avaya switches

· CVE-2022-29861 - HTTP header parsing stack overflow vulnerability in Avaya switches

· HTTP POST request handling heap overflow vulnerability in a discontinued Avaya product line

 

Organizations deploying impacted Avaya and Aruba devices are highly recommended to apply the patches to alleviate any potential exploit attempts.

 E-Magazine 
 VIDEOS  Placeholder image

Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org