- HPE patches five vulnerabilities in Aruba AOS-CX
- A critical flaw (CVE-2026-23813) allowed the administrator password to be reset
- The company urges mitigations until solutions are applied
Hewlett Packard Enterprise (HPE) warned its customers after discovering five vulnerabilities in its products, including one that cybercriminals could use to take over certain endpoints.
In a recently published security advisory, HPE said it addressed a critical authentication bypass flaw that can be used by unauthenticated attackers in low-complexity attacks to reset administrator passwords. The bug is now tracked as CVE-2026-23813 and has a severity score of 9.1/10 (critical).
It affects the Aruba Networking AOS-CX operating system, a cloud-native networking operating system built for HPE CX Series campus and data center switch hardware.
Article continues below.
Patches and solutions
“A vulnerability has been identified in the web-based management interface of AOS-CX switches that could allow an unauthenticated remote actor to bypass existing authentication controls,” HPE said in the advisory. “In some cases, this could allow you to reset the administrator password.”
The other four vulnerabilities are now tracked as CVE-2026-23814, CVE-2026-23815, CVE-2026-23816, and CVE-2026-23817, and apparently affect AOS-CX 10.17.xxxx: 10.17.0001 and below, AOS-CX 10.16.xxxx: 10.16.1020 and earlier, AOS-CX 10.13.xxxx: 10.13.1160 and earlier, and AOS-CX 10.10.xxxx: 10.10.1170 and earlier.
The good news is that there are no reports of abuse in the wild yet.
If you are unable to apply the fix immediately, HPE also shared a list of possible mitigations:
Restrict access to all management interfaces to a dedicated Layer 2 segment or VLAN to isolate management traffic from general network traffic.
Implement strict policies at Layer 3 and above to control access to management interfaces, allowing only authorized and trusted hosts.
Disable HTTP(S) interfaces on switched virtual interfaces (SVI) and routed ports where management access is not required.
Apply access control lists (ACLs) to the control plane to secure any REST/HTTP-enabled management interfaces, ensuring that only trusted clients can connect to HTTPS/REST endpoints.
Enable comprehensive accounting, logging, and monitoring of all management interface activities to detect and respond to unauthorized access attempts promptly.
Through beepcomputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
