Aruba VIA Client Vulnerability: Arbitrary File Overwrite and DoS in Windows Boot Process

Aruba VIA Client Vulnerability: Arbitrary File Overwrite and DoS in Windows Boot Process

CVE-2023-38402 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process.

Learn more about our Network Penetration Testing.