Critical vulnerabilities discovered in millions of network switches

News
By published

Companies urged to patch immediately

Representational image depecting cybersecurity protection
(Image credit: Shutterstock)

Cybersecurity researchers from Armis have discovered five high severity vulnerabilities in endpoints manufactured by Aruba (enterprise networking and security solutions) and Avaya (cloud communications and workstream collaboration).

The flaws are rated 9.0 and higher in severity, and can be found in multiple network switches commonly seen in airports, hospitals, hotels, and other similar venues.

Collectively, they’ve been dubbed TLStorm 2.0, as a follow-up to TLStorm, a series of critical vulnerabilities discovered in millions of Schneider Electric APC Smart-UPS devices. 

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022end of this survey

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.

NanoSSL

According to the researchers, it’s the NanoSSL, a TLS library, that carries the flaw in the network gear. More than 10 million endpoints are currently affected by the flaws, and given their severity, organizations deploying these devices are urged to apply the patches, immediately.

Among other things, the flaws allow for remote code execution and data theft

"Some of the vulnerabilities can be triggered with no authentication, no user interaction, and that's why they're so severe," Armis' head of research Barak Hadad told The Register.

So far, there are no reports of the flaws being used in the wild, but now that they’re out in the open, they’re bound to be exploited, which is why applying the fix immediately is paramount. 

Read more

> Your printer: it's a vulnerable, connected device

> Billions of Wi-Fi and Bluetooth devices vulnerable to password and data theft attacks

> Millions of IoT devices and routers could have a mega security flaw

The researchers also said they believe other vendors using NanoSSL could also be in trouble:

"We know that Avaya, Aruba, and APC are vulnerable. And we've been working with them to make sure that their devices will not be vulnerable in the future," Hadad said. "But I'm pretty sure there are other vendors that are vulnerable to this."

The vulnerabilities are tracked as CVE-2022-23676, CVE-2022-23677, CVE-2022-29860, and CVE-2022-29861, while the fifth one doesn’t have CVE as it was found in discontinued Avaya products. 

The devices vulnerable to the flaws include:

Aruba 5400R Series
Aruba 3810 Series
Aruba 2920 Series
Aruba 2930F Series
Aruba 2930M Series
Aruba 2530 Series
Aruba 2540 Series

For Avaya, these are the vulnerable devices:

ERS3500 Series
ERS3600 Series
ERS4900 Series
ERS5900 Series

Via: The Register

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
An image of network security icons for a network encircling a digital blue earth.
Industrial networks exposed to attack by faulty Moxa devices
Best free Linux firewalls
SonicWall tells admins to patch worrying SSLVPN flaw immediately
vpn
Ivanti warns another critical security flaw is being attacked
The best free firewall
Palo Alto warns another major firewall hack has been detected
A VPN runs on a mobile phone placed on a laptop keyboard
SonicWall firewalls hit by worrying cyberattack
cables going into the back of a broadband router on white background
Netgear urges users to patch major router security issues now
Latest in Security
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
An abstract image of digital security.
Fake file converters are stealing info, pushing ransomware, FBI warns
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Coinbase targeted after recent Github attacks
hacker.jpeg
Key trusted Microsoft platform exploited to enable malware, experts warn
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Latest in News
Girl wearing Meta Quest 3 headset interacting with a jungle playset
Latest Meta Quest 3 software beta teases a major design overhaul and VR screen sharing – and I need these updates now
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Hatch Restore 3 in Putty
You can finally start your day with The Office theme song, and I couldn't be more excited
Cassian Andor looking nervously over his shoulder in Andor season 2
New Andor season 2 trailer has got Star Wars fans asking the same question – and it includes an ominous call back to Rogue One's official teaser
Ncuti Gatwa as The Fifteenth Doctor in Doctor Who
Disney+ drops new trailer for Doctor Who season 2 that promises an epic adventure across time and space
23andMe
23andMe is bankrupt and about to sell your DNA, here's how to stop that from happening
More about security
An abstract image of digital security.

Fake file converters are stealing info, pushing ransomware, FBI warns
Microsoft

"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
AI hallucinations

We're already trusting AI with too much – I just hope AI hallucinations disappear before it's too late
See more latest
Most Popular
Girl wearing Meta Quest 3 headset interacting with a jungle playset
Latest Meta Quest 3 software beta teases a major design overhaul and VR screen sharing – and I need these updates now
Hatch Restore 3 in Putty
You can finally start your day with The Office theme song, and I couldn't be more excited
Dell Pro Max with GB300
HP and Dell's latest Nvidia powered PCs are likely to be some of the most expensive workstations ever launched
Shape of Russia filled with Russian flag-colored internet codes on a black hacking background
A new wave of blocks in Russia targets VPN apps and Cloudflare subnets
An abstract image of digital security.
Fake file converters are stealing info, pushing ransomware, FBI warns
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Ncuti Gatwa as The Fifteenth Doctor in Doctor Who
Disney+ drops new trailer for Doctor Who season 2 that promises an epic adventure across time and space
Cassian Andor looking nervously over his shoulder in Andor season 2
New Andor season 2 trailer has got Star Wars fans asking the same question – and it includes an ominous call back to Rogue One's official teaser
23andMe
23andMe is bankrupt and about to sell your DNA, here's how to stop that from happening
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard