By Ionut Arghire
Publication Date: 2026-03-14 10:50:00
Hewlett Packard Enterprise (HPE) this week announced patches for a critical vulnerability in Aruba Networking AOS-CX that could be exploited to reset administrator passwords.
The issue, identified as CVE-2026-23813 (CVSS score 9.8), affects the web-based management interface of AOS-CX switches and can be exploited remotely, without authentication, to bypass authentication checks.
The bug affects HPE Aruba Networking CX 4100i, CX 6000, CX 6100, CX 6200, CX 6300, CX 6400, CX 8320, CX 8325, CX 8360, CX 9300, and CX 10000 series switches.
Successful exploitation of the security flaw could allow attackers to take control of vulnerable AOS-CX switches and potentially compromise entire systems, says Corsica Technologies CISO Ross Filipek.
“A successful compromise could lead to disruption of network communications or erosion of the integrity of key business services. When attackers gain privileged access to these devices, it puts organizations in…
