HPE Aruba Networking Vulnerability Allows Privilege Escalation and DoS Attacks

vm_admin
HPE Aruba Networking Vulnerability Allows Privilege Escalation and DoS Attacks

By AnuPriya
Publication Date: 2026-02-12 13:27:00

Hewlett Packard Enterprise (HPE) recently revealed critical flaws in its Aruba Networking Private 5G Core software.

These issues allow remote attackers on adjacent networks to escalate privileges and launch denial of service (DoS) attacks. The notice, HPESBNW05002, was published on February 10, 2026.

Vulnerability Overview

Four vulnerabilities affect HPE Aruba Networking Private 5G Core versions 1.24.3.0 through 1.24.3.3.

They come from flaws in the administration and application APIs, allowing unauthenticated vulnerabilities. There is no workaround, so updating is essential.

CVE-2026-23595 is the most severe, with a CVSS score of 8.8 (high). Allows authentication bypass in the application API, allowing attackers to create administrator accounts for full control, including configuration changes and data manipulation. Attackers need access to the adjacent network (AV:A).

CVE-2026-23596 (CVSS 6.5, Medium) enables DoS via the Management API. Unauthenticated users can force the service to restart,

Related Posts

Intel: Undervalued Even Without A Turnaround (NASDAQ:INTC)
Intel: Undervalued Even Without A Turnaround (NASDAQ:INTC)

Intel: Undervalued Even Without A Turnaround (NASDAQ:INTC)  Seeking Alpha Article Source https://seekingalpha.com/article/4781970-intel-stock-undervalued-even-without-turnaround Facebook Twitter Pinterest LinkedIn Digg Tumblr Reddit Buffer Blogger…