HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform

From threatpost.com

Hewlett Packard Enterprise (HPE) is warning a vulnerability in Sudo, an open-source program used within its Aruba AirWave management platform, could allow any unprivileged and unauthenticated local user to gain root privileges on a vulnerable host.

Rated high in severity, HPE warns the Sudo flaw could be part of a “chained attack” where an “attacker has achieved a foothold with lower privileges via another vulnerability and then uses this to escalate privileges,” according to a recent HPE security bulletin.

The Aruba AirWave management platform is HPE’s real-time monitoring and security alert system for wired and wireless infrastructures. The Sudo bug (CVE-2021-3156) was reported in January by Qualys researchers and is believed to impact millions of endpoint devices and systems.

Read more…