Several vulnerabilities have been found in the AP software of HPE Aruba Networks.
Access points running on InstantOS and ArubaOS 10 have been affected. This includes all standalone Instant clusters and Aruba Central connected access points.
APs that are managed by a mobility controller are not impacted.
Impacted Products
HPE Aruba Networking
- Aruba access points InstantOS en ArubaOS 10
Impacted Software Versions:
- ArubaOS 10.5.x.x: 10.5.0.0 and earlier
- ArubaOS 10.4.x.x: 10.4.0.2 and earlier
- InstantOS 8.11.x.x: 8.11.1.2 and earlier
- InstantOS 8.10.x.x: 8.10.0.8 and earlier
- InstantOS 8.6.x.x: 8.6.0.22 and earlier
We therefore strongly recommend upgrading to 1 of the software versions below as soon as possible.
- ArubaOS 10.5.x.x: 10.5.0.1 and later
- ArubaOS 10.4.x.x: 10.4.0.3 and later
- InstantOS 8.11.x.x: 8.11.2.0 and later
- InstantOS 8.10.x.x: 8.10.0.9 and later
- InstantOS 8.6.x: 8.6.0.23 and later
If you need help from the Group K NOC to do so, please do not hesitate to contact us on support@group-k.be or contact your account manager.