By Sergiu Gatlan
Publication Date: 2026-03-10 17:30:00
Hewlett Packard Enterprise (HPE) has fixed multiple security vulnerabilities in the Aruba Networking AOS-CX operating system, including several authentication and code execution issues.
AOS-CX is a cloud-native network operating system (NOS) developed by HPE subsidiary Aruba Networks for the company’s CX series data center and campus switching devices.
The most serious security flaw today is a critical authentication bypass vulnerability (tracked as CVE-2026-23813) that unprivileged attackers can exploit in low-complexity attacks to reset administrator passwords.
“A vulnerability has been identified in the web-based management interface of AOS-CX switches that could allow an unauthenticated remote actor to bypass existing authentication controls. In some cases, this could allow the administrator password to be reset,” HPE said.
“HPE Aruba Networking is not aware of any public discussions or exploit code targeting these specific vulnerabilities as of the release date of…
