- HPE fixes five vulnerabilities in Aruba AOS-CX
- Critical bug (CVE-2026-23813) allowed administrator password reset
- The company is urging mitigation until fixes are implemented
Hewlett Packard Enterprise (HPE) has warned its customers after discovering five vulnerabilities in its products, including one that cybercriminals could use to take over certain endpoints.
In a recently released security advisory, HPE said it addressed a critical authentication bypass flaw that can be used by unauthenticated attackers in low-complexity attacks to reset administrator passwords. The bug is now tracked as CVE-2026-23813 and has a severity score of 9.1/10 (Critical).
It affects the Aruba Networking AOS-CX operating system, a cloud-native network operating system built for HPE’s CX series campus and data center switch hardware.
Patches and workarounds
“A vulnerability has been identified in the web-based management interface of AOS-CX switches that could potentially allow an unauthorized remote actor to bypass existing authentication controls,” HPE said in the announcement. “In some cases, this may enable resetting the administrator password.”
The other four vulnerabilities are now tracked as CVE-2026-23814, CVE-2026-23815, CVE-2026-23816, and CVE-2026-23817, apparently affecting the following AOS-CX branches: 10.17.xxxx: 100.17 and below; 10.16.xxxx: 10.16.1020 and below; 10.13.xxxx: 10.13.1160 and below; and 10.10.xxxx: 10.10.1170 and below.
The good news is that there are no reports of abuse in the wild yet.
If you can’t apply the fix right away, HPE also shared a list of possible workarounds:
- Restrict access to all management interfaces to a dedicated Layer 2 segment or VLAN to isolate management traffic from general network traffic.
- Implement strict policies at Layer 3 and above to control access to management interfaces, allowing only authorized and trusted hosts.
- Disable HTTP(S) interfaces on Switched Virtual Interfaces (SVIs) and routed ports where management access is not required.
- Enforce Control Plane Access Control Lists (ACLs) to protect any REST/HTTP-enabled management interfaces and ensure that only trusted clients are allowed to connect to the HTTPS/REST endpoints.
- Enable comprehensive accounting, logging and monitoring of all management interface activity to detect and respond to unauthorized access attempts promptly.
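As an added illustration of the last two workarounds (trusted-client control and monitoring), and not code from HPE's advisory or this article: a small Python check that reads management-interface access log lines, flags requests whose source lies outside the prefixes a control-plane ACL would permit, and escalates successful writes to user-account resources. The log format, API paths, and addresses below are constructed for the example, not the switch's real format.

```python
import ipaddress
import re
from collections import Counter

# Management prefixes a control-plane ACL would permit (assumed values for
# this example; substitute the networks your ACL actually allows).
TRUSTED_MGMT = [ipaddress.ip_network("10.250.0.0/24")]

# Constructed sample log in a simple "<ts> <src_ip> <method> <path> <status>"
# shape. This is NOT the real AOS-CX log or REST path layout.
SAMPLE_LOG = """\
2026-02-01T10:00:01Z 10.250.0.15 GET /rest/v1/system 200
2026-02-01T10:00:07Z 10.250.0.15 PUT /rest/v1/system/users/admin 200
2026-02-01T10:03:12Z 192.0.2.77 PUT /rest/v1/system/users/admin 200
2026-02-01T10:03:14Z 192.0.2.77 POST /rest/v1/login 401
2026-02-01T10:05:30Z 198.51.100.9 GET /rest/v1/system 403
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\d{3})$")


def is_trusted(src: str) -> bool:
    """True if the source address falls inside a permitted management prefix."""
    ip = ipaddress.ip_address(src)
    return any(ip in net for net in TRUSTED_MGMT)


def find_untrusted_mgmt_access(log_text: str):
    """Return (ts, src, method, path, status) for every request to the
    management API that came from outside the trusted prefixes."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:  # skip lines that do not match the constructed format
            continue
        ts, src, method, path, status = m.groups()
        if not is_trusted(src):
            hits.append((ts, src, method, path, int(status)))
    return hits


def summarize(hits):
    """Count untrusted requests per source and pull out the ones to escalate
    first: successful (2xx) writes against user-account resources."""
    per_src = Counter(h[1] for h in hits)
    escalations = [h for h in hits
                   if h[2] in ("PUT", "POST", "PATCH")
                   and 200 <= h[4] < 300 and "/users/" in h[3]]
    return per_src, escalations
```

Any non-empty `escalations` list means a write to an account resource succeeded from a host the ACL should have blocked, which is exactly the outcome the advisory's workarounds are meant to prevent.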
Via Bleeping Computer