Critical Vulnerability Information Vulnerability Overview Vulnerability ID: HPSBGN03426 rev.4 Vulnerability Description: Remote arbitrary code execution vulnerability in HP Mobility Software. Security Impact: Remote execution of arbitrary code. Source: Hewlett Packard Enterprise, HPE Product Security Response Team. Related CVE: CVE-2015-0235 Related SSRT: SSRT102283 Affected Products HPE MSM-802.11n Dual-Radio Access Point Series HPE MSM Controller Series Affected Software Versions HP Mobility Software v6.4.0.0 HP Mobility Software v6.5.0.0 Background Information CVSS 2.0 Base Score: 10.0 Solution Please update or upgrade to the following versions or higher: - HP Mobility Software v6.4.3.0 - HP Mobility Software v6.5.3.0 Software updates are available by logging into the "My Networking" portal: Update Link Version History Version 1 (rev.1): November 2, 2015, initial release. Version 2 (rev.2): November 2, 2015, updated URL and product information. Version 3 (rev.3): November 12, 2015, corrected supported software version information. Version 4 (rev.4): November 12, 2015, added MSM775 and MSM765 to the list of affected products. Third-Party Security Patches Third-party security patches should be installed in accordance with the customer’s security patch management policy.