Critical vulnerabilities discovered in millions of network switches

Companies urged to patch immediately

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Cybersecurity researchers from Armis have discovered five high severity vulnerabilities inendpointsmanufactured by Aruba (enterprise networking and security solutions) and Avaya (cloudcommunications and workstream collaboration).

The flaws are rated 9.0 and higher in severity, and can be found in multiple network switches commonly seen in airports, hospitals, hotels, and other similar venues.

Collectively, they’ve been dubbed TLStorm 2.0, as a follow-up to TLStorm, a series of critical vulnerabilities discovered in millions of Schneider Electric APC Smart-UPS devices.

Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.

NanoSSL

According to the researchers, it’s the NanoSSL, a TLS library, that carries the flaw in the network gear. More than 10 million endpoints are currently affected by the flaws, and given their severity, organizations deploying these devices are urged to apply the patches, immediately.

Among other things, the flaws allow for remote code execution anddata theft.

“Some of the vulnerabilities can be triggered with noauthentication, no user interaction, and that’s why they’re so severe,” Armis' head of research Barak Hadad toldThe Register.

So far, there are no reports of the flaws being used in the wild, but now that they’re out in the open, they’re bound to be exploited, which is why applying the fix immediately is paramount.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Your printer: it’s a vulnerable, connected device>Billions of Wi-Fi and Bluetooth devices vulnerable to password and data theft attacks>Millions of IoT devices and routers could have a mega security flaw

The researchers also said they believe other vendors using NanoSSL could also be in trouble:

“We know that Avaya, Aruba, and APC are vulnerable. And we’ve been working with them to make sure that their devices will not be vulnerable in the future,” Hadad said. “But I’m pretty sure there are other vendors that are vulnerable to this.”

The vulnerabilities are tracked as CVE-2022-23676, CVE-2022-23677, CVE-2022-29860, and CVE-2022-29861, while the fifth one doesn’t have CVE as it was found in discontinued Avaya products.

The devices vulnerable to the flaws include:

Aruba 5400R SeriesAruba 3810 SeriesAruba 2920 SeriesAruba 2930F SeriesAruba 2930M SeriesAruba 2530 SeriesAruba 2540 Series

For Avaya, these are the vulnerable devices:

ERS3500 SeriesERS3600 SeriesERS4900 SeriesERS5900 Series

Via:The Register

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

This new phishing strategy utilizes GitHub comments to distribute malware

iStorage Group acquires Kanguru Solutions as it looks to expand security offering