CVE-2020-24636

9.8 CRITICAL

📋 TL;DR

This vulnerability allows remote attackers to execute arbitrary commands on affected Aruba Instant Access Points (IAPs) without authentication. It affects multiple Aruba Instant versions across several product lines. Attackers can gain full control of vulnerable devices.

💻 Affected Systems

Products:
  • Aruba Instant Access Point (IAP)
Versions:
  • Aruba Instant 6.5.x: 6.5.4.17 and below
  • Aruba Instant 8.3.x: 8.3.0.13 and below
  • Aruba Instant 8.5.x: 8.5.0.10 and below
  • Aruba Instant 8.6.x: 8.6.0.5 and below
  • Aruba Instant 8.7.x: 8.7.0.0 and below
Operating Systems: Aruba Instant OS
Default Config Vulnerable: ⚠️ Yes
Notes: All affected versions in default configuration are vulnerable. No special configuration required for exploitation.

📦 What is this software?

Aruba Instant is the controllerless Wi-Fi firmware for HPE Aruba Instant Access Points. A cluster of IAPs elects one member as the Virtual Controller, which hosts the management web interface and CLI and distributes configuration to the other access points in the cluster, so a compromised access point sits directly in the path of both wireless client traffic and cluster management.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the access point, allowing attackers to pivot to internal networks, intercept traffic, deploy malware, or use the device as a foothold for further attacks.

🟠 Likely Case

Attackers gain administrative access to the access point, enabling them to modify configurations, disrupt network services, or steal sensitive data passing through the device.

🟢 If Mitigated

With proper network segmentation and access controls, impact is limited to the affected access point itself, preventing lateral movement to other systems.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ❌ No (none confirmed at time of writing)
Weaponized: LIKELY (inferred from severity and complexity, not from observed attacks)
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

CVSS 9.8 reflects network-reachable exploitation with low attack complexity and no authentication required. No public PoC has been confirmed, but given the severity and the ease of exploitation, treat weaponization as likely and patch on that assumption rather than waiting for a PoC to appear.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Aruba Instant 6.5.4.18+, 8.3.0.14+, 8.5.0.11+, 8.6.0.6+, 8.7.0.1+

Vendor Advisory: https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-007.txt

Restart Required: Yes

Instructions:

1. Download the appropriate firmware image from the Aruba support portal.
2. Upload the firmware to the affected IAPs (on a cluster, to the Virtual Controller).
3. Apply the update through the web interface or CLI.
4. Reboot the devices after patching.
5. Verify the update succeeded by checking the running version (see "How to Verify" below).

🔧 Temporary Workarounds

Network Segmentation (applies to: all affected versions)

Isolate IAP management interfaces from untrusted networks.

Access Control Lists (applies to: all affected versions)

Restrict management interface access to trusted IP addresses only.

🧯 If You Can't Patch

  • Immediately isolate affected IAPs from internet-facing networks
  • Implement strict network segmentation to limit potential lateral movement

🔍 How to Verify

Check if Vulnerable:

Check IAP firmware version via web interface (System > About) or CLI (show version)

Check Version:

show version

Verify Fix Applied:

Confirm the firmware version is at or above the patched version for its branch: 6.5.4.18 (6.5.x), 8.3.0.14 (8.3.x), 8.5.0.11 (8.5.x), 8.6.0.6 (8.6.x), or 8.7.0.1 (8.7.x). Compare within the branch the device runs; a higher-numbered branch does not by itself mean the fix is present, and branches not listed here should be checked against the vendor advisory.
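The version comparison above is easy to get wrong at fleet scale (string comparison puts 8.6.0.10 before 8.6.0.6, and a branch that is not in the table must not be silently treated as safe). The following script is an added example written for this page, not a tool from Aruba or HPE: it parses the version out of captured `show version` text and classifies it against the patched versions listed above. The sample `show version` output is constructed for the example; the real banner on your devices will differ in the surrounding text but contains the same dotted version number.

```python
"""Classify an Aruba Instant firmware version against CVE-2020-24636 fix levels.

Added example for this page (not vendor code). FIXED_VERSIONS is taken from the
Patch Version line above; the sample banner text is constructed.
"""
import re

# First non-vulnerable release per branch, keyed by (major, minor).
FIXED_VERSIONS = {
    (6, 5): (6, 5, 4, 18),
    (8, 3): (8, 3, 0, 14),
    (8, 5): (8, 5, 0, 11),
    (8, 6): (8, 6, 0, 6),
    (8, 7): (8, 7, 0, 1),
}

# Aruba Instant versions are four dotted integers, e.g. 8.6.0.5.
VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")

# Constructed sample of a `show version` banner (layout is illustrative only).
SAMPLE_SHOW_VERSION = """\
Aruba Operating System Software.
ArubaOS (MODEL: 315), Version 8.6.0.5
Website: http://www.arubanetworks.com
Compiled on 2020-06-01 at 10:00:00 UTC (build 12345)
"""


def parse_version(text):
    """Return the first x.y.z.w version in `text` as a tuple of ints."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError("no four-part version number found in input")
    return tuple(int(part) for part in m.groups())


def assess(version):
    """Return 'patched', 'vulnerable' or 'unknown-branch' for a version tuple.

    Comparison is done as integer tuples within the device's own branch, so
    8.6.0.10 correctly sorts after 8.6.0.6. Branches not in the table are
    reported as unknown rather than assumed safe.
    """
    fixed = FIXED_VERSIONS.get(version[:2])
    if fixed is None:
        return "unknown-branch"
    return "patched" if version >= fixed else "vulnerable"


def check_show_version(text):
    """Parse a captured `show version` banner and return version plus verdict."""
    version = parse_version(text)
    return {
        "version": ".".join(str(p) for p in version),
        "status": assess(version),
    }


if __name__ == "__main__":
    result = check_show_version(SAMPLE_SHOW_VERSION)
    print(f"{result['version']}: {result['status']}")
```

Feed it the output of `show version` collected over SSH from each Virtual Controller, and treat both `vulnerable` and `unknown-branch` as action items; only `patched` closes the finding.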

📡 Detection & Monitoring

Log Indicators:

  • Unusual command execution in system logs
  • Unauthorized configuration changes
  • Unexpected reboots or service restarts

Network Indicators:

  • Unusual outbound connections from IAPs
  • Traffic patterns inconsistent with normal operation
  • Management interface access from unexpected sources

SIEM Query:

source="aruba-iap" AND (event_type="command_execution" OR event_type="config_change")

The source tag and the event_type field names above are placeholders: they depend on how your collector labels IAP syslog and which fields your parser extracts, so map them to your own schema before relying on the query. Pair it with an allow-list check on the source address of management logins, since management access from an unexpected address is the most direct indicator listed above.
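As an added example of the allow-list logic behind that query (written for this page, not Aruba code or a product detection), the script below scans constructed log lines for the three indicators listed above: management logins from outside a trusted range, configuration changes, and reboots. The log line format, hostnames, addresses and the trusted range are all invented for the example; real IAP syslog messages are worded differently, so the regular expressions would need to be adapted to the fields your collector produces.

```python
"""Allow-list detection over IAP-style management log lines.

Added example for this page (not vendor code). The line format, trusted
range and sample lines are constructed; adapt the patterns to your own
syslog schema before use.
"""
import re
from ipaddress import ip_address, ip_network

# Hypothetical trusted management network, matching the ACL workaround above.
TRUSTED_MGMT = [ip_network("10.10.0.0/24")]

# Patterns against the constructed line format used in SAMPLE_LOGS.
LOGIN_RE = re.compile(r"login from (\S+)")
CONFIG_RE = re.compile(r"config change by (\S+) from (\S+)")
REBOOT_RE = re.compile(r"\breboot\b")

# Constructed sample lines: one trusted login, one untrusted login, one config
# change from each, and a reboot. Not real Aruba syslog output.
SAMPLE_LOGS = """\
<134>Mar 10 12:00:01 iap-lobby-01 webui: admin login from 10.10.0.5 status=success
<134>Mar 10 12:03:44 iap-lobby-01 webui: admin login from 203.0.113.77 status=success
<134>Mar 10 12:04:10 iap-lobby-01 cli: config change by admin from 203.0.113.77
<134>Mar 10 12:04:50 iap-lobby-01 cli: config change by admin from 10.10.0.5
<134>Mar 10 12:05:02 iap-lobby-01 system: reboot requested by admin
""".splitlines()


def is_trusted(ip_text):
    """True if the address parses and falls inside a trusted management range."""
    try:
        addr = ip_address(ip_text)
    except ValueError:
        return False  # unparsable source is never trusted
    return any(addr in net for net in TRUSTED_MGMT)


def analyze(lines):
    """Return a list of findings, one dict per matched indicator."""
    findings = []
    for line in lines:
        m = LOGIN_RE.search(line)
        if m and not is_trusted(m.group(1)):
            findings.append({"severity": "high", "rule": "mgmt-login-untrusted-source",
                             "ip": m.group(1), "line": line})
        m = CONFIG_RE.search(line)
        if m:
            # Any config change is notable; from an untrusted source it is high.
            severity = "medium" if is_trusted(m.group(2)) else "high"
            findings.append({"severity": severity, "rule": "config-change",
                             "ip": m.group(2), "line": line})
        if REBOOT_RE.search(line):
            findings.append({"severity": "low", "rule": "reboot",
                             "ip": None, "line": line})
    return findings


if __name__ == "__main__":
    for f in analyze(SAMPLE_LOGS):
        print(f"[{f['severity']}] {f['rule']} ip={f['ip']}")
```

The trusted-range test is deliberately strict: anything that does not parse as an address, or that lies outside the management range, is reported. On an unpatched fleet the untrusted-source login followed by a configuration change is the sequence to page on.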

🔗 References

  • Aruba Product Security Advisory ARUBA-PSA-2021-007: https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-007.txt
  • NVD entry for CVE-2020-24636: https://nvd.nist.gov/vuln/detail/CVE-2020-24636