N/A

A vulnerability exists in the firmware of embedded BLE radios that are part of some Aruba Access points. An attacker who is able to exploit the vulnerability could install new, potentially malicious firmware into the AP's BLE radio and could then gain access to the AP's console port. This vulnerability is applicable only if the BLE radio has been enabled in affected access points. The BLE radio is disabled by default. Note - Aruba products are NOT affected by a similar vulnerability being tracked as CVE-2018-16986.

N/A

N/A

多款Aruba产品安全特征问题漏洞

Aruba AP-3xx等都是美国安移通网络（Aruba Networks）公司的无线访问接入点设备。embedded BLE radios是其中的一个嵌入式无线电台。 多款Aruba产品中的嵌入式BLE radios的固件存在安全漏洞。远程攻击者可利用该漏洞将恶意的固件安装到BLE radio中，进而获取AP控制台端口的访问权限。以下产品和版本和受到影响：Aruba AP-3xx；IAP-3xx；AP-203R；AP-203RP；ArubaOS 6.4.4.20之前的6.4.4.x版本，6.5.3.9之

N/A

N/A