HPE Aruba Networking Product Security Advisory
===============================
Advisory ID: ARUBA-PSA-2023-011
CVE: CVE-2023-38401, CVE-2023-38402
Publication Date: 2023-Aug-15
Status: Confirmed
Severity: High
Revision: 1


Title
=====
Multiple Vulnerabilities in HPE Aruba Networking Virtual Intranet
Access (VIA) Windows Client


Overview
========
HPE Aruba Networking has released an update to the HPE Aruba
Networking Virtual Intranet Access (VIA) client for the Microsoft
Windows operating system that addresses multiple security
vulnerabilities.

These vulnerabilities do not affect HPE Aruba Networking Virtual
Intranet Access (VIA) clients for other operating systems.


Affected Products
=================
These vulnerabilities affect HPE Aruba Networking Virtual Intranet
Access (VIA) clients running the following versions unless
specifically noted otherwise in the details section:

  - HPE Aruba Networking Virtual Intranet Access (VIA) client
    for Microsoft Windows:
      - 4.5.0 and below

Updating HPE Aruba Networking Virtual Intranet Access (VIA) to a
version listed in the Resolution section at the end of this
advisory will resolve all issues in the details section.


Details
=======

  Local Privilege Escalation in HPE Aruba Networking Virtual
  Intranet Access (VIA) Microsoft Windows Client (CVE-2023-38401)
  ---------------------------------------------------------------------
  A vulnerability in the HPE Aruba Networking Virtual Intranet
  Access (VIA) client could allow local users to elevate
  privileges. Successful exploitation could allow execution of
  arbitrary code with NT AUTHORITY\SYSTEM privileges on the
  operating system.

  Internal references: ATLCP-234
  Severity: High
  CVSSv3 Overall Score: 7.8
  CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  Discovery: This vulnerability was discovered and reported by
  Will Dormann (@wdormann) via HPE Aruba Networking's Bug Bounty
  Program.


  Arbitrary File Overwrite in HPE Aruba Networking Virtual
  Intranet Access (VIA) Microsoft Windows Client (CVE-2023-38402)
  ---------------------------------------------------------------------
  A vulnerability in the HPE Aruba Networking Virtual Intranet
  Access (VIA) client could allow malicious users to overwrite
  arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit
  could allow these malicious users to create a Denial-of-Service
  (DoS) condition affecting the Microsoft Windows operating
  System boot process.

  Internal references: ATLCP-245
  Severity: High
  CVSSv3 Overall Score: 7.1
  CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

  Discovery: This vulnerability was discovered and reported by
  Gee-netics via HPE Aruba Networking's Bug Bounty Program.


Resolution
==========
The vulnerabilities contained in this advisory can be addressed
by upgrading to the HPE Aruba Networking Virtual Intranet Access
(VIA) version listed below

  - HPE Aruba Networking Virtual Intranet Access (VIA) for
    Microsoft Windows:
      - Version 4.6.0 and above

HPE Aruba Networking does not evaluate or patch HPE Aruba
Networking Virtual Intranet Access (VIA) versions that have
reached their End of Maintenance (EoM) milestone.

For more information about HPE Aruba Networking's End of Support
policy visit:
https://www.arubanetworks.com/support-services/end-of-life/


Workaround
==========
There is no workaround for these vulnerabilities.


Exploitation and Public Discussion
==================================
HPE Aruba Networking is aware of limited public discussion
regarding CVE-2023-38401.


Revision History
================
Revision 1 / 2023-Aug-15 / Initial release


Aruba SIRT Security Procedures
==============================
Complete information on reporting security vulnerabilities in
HPE Aruba Networking products and obtaining assistance with
security incidents is available at:

https://www.arubanetworks.com/support-services/security-bulletins/

For reporting *NEW* HPE Aruba Networking security issues, email
can be sent to aruba-sirt(at)hpe.com. For sensitive information
we encourage the use of PGP encryption. Our public keys can be
found at:

https://www.arubanetworks.com/support-services/security-bulletins/


(c) Copyright 2023 by Hewlett Packard Enterprise Development LP.
This advisory may be redistributed freely after the release date
given at the top of the text, provided that the redistributed
copies are complete and unmodified, including all data and
version information.