About:
CVE-2026-23813 is a critical authentication bypass vulnerability affecting HPE Aruba Networking AOS-CX devices. The flaw exists due to improper authentication handling within the device management interface, which could allow a remote attacker to bypass authentication controls. Successful exploitation may enable an attacker to reset administrative credentials or gain unauthorized administrative access to affected networking infrastructure, potentially leading to full control of the device and network configuration.
RedLegg will occasionally communicate vulnerabilities released outside the usual release schedule to provide additional value to our customers. These emergency bulletins describe vulnerabilities or threats we classify as the highest severity level and warrant out-of-band emergency patching or mitigation action.
VULNERABILITIES
Authentication Bypass Vulnerability in HPE Aruba Networking AOS-CX
CVSS Score: 9.8 (Critical, CVSS v3.1)
Identifier: CVE-2026-23813
PoC or Exploitation:
As of the vendor advisory release, HPE Aruba Networking reports no evidence of active exploitation and no publicly available proof-of-concept exploit code for this vulnerability.
Update/ Patch:
HPE Aruba Networking released security updates addressing CVE-2026-23813 as part of the Aruba Networking security advisory.
Affected devices include Aruba networking infrastructure running vulnerable versions of AOS-CX. Organizations should upgrade to the fixed software versions listed in the vendor advisory.
HPE advisory and patch guidance:
Description:
CVE-2026-23813 is an authentication bypass vulnerability affecting HPE Aruba Networking AOS-CX devices. The issue exists due to improper authentication handling within the management interface of the affected systems.
A remote attacker may exploit this flaw to bypass authentication controls and potentially reset administrative credentials or gain unauthorized administrative access to the device.
Mitigation Recommendation:
Immediately upgrade affected HPE Aruba Networking AOS-CX devices to the fixed versions referenced in the HPE security advisory.
Restrict access to device management interfaces to dedicated management networks or management VLANs.
Disable web-based management interfaces if they are not required for operational use.
Implement access control lists or firewall policies to restrict administrative access to trusted hosts only.