A vulnerability exists in HPE Aruba Networking wireless operating systems AOS-8 and AOS-10, affecting access points, mobility conductors, controllers, and gateways. The issue arises from the packet processing logic, which may allow an authenticated attacker to craft and send a malicious Wi-Fi frame. This frame can be misclassified as group-addressed traffic and re-encrypted with the Group Temporal Key (GTK) of a targeted BSSID. Exploitation of this vulnerability could enable unauthorized traffic injection that bypasses GTK encryption, and when used with a port-stealing technique, could redirect intercepted traffic to facilitate machine-in-the-middle (MitM) attacks across different BSSIDs.
Exploitation allows for GTK-independent traffic injection, which can be used to redirect and intercept network traffic from a victim, potentially leading to eavesdropping, session hijacking, or causing a denial-of-service.
Users are advised to upgrade to HPE Aruba Networking AOS-10.8.0.1 and above, AOS-10.7.2.3 and above, AOS-10.4.1.11 and above, AOS-8.13.1.2 and above, AOS-8.12.0.7 and above, or AOS-8.10.0.22 and above. For more information, visit the HPE Networking Support Portal.
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
