Vulnerabilities Critical HPE AOS-CX Vulnerability Allows Admin Password Resets The vulnerability can be exploited remotely, without authentication, to circumvent existing authentication controls. By Ionut Arghire | March 14, 2026 (6:50 AM ET) Flipboard Reddit Whatsapp Whatsapp Email Hewlett Packard Enterprise (HPE) this week announced patches for a critical-severity vulnerability in Aruba Networking AOS-CX that could be exploited to reset administrator passwords. The issue, tracked as CVE-2026-23813 (CVSS score of 9.8), impacts the web-based management interface of AOS-CX switches and can be exploited remotely, without authentication, to bypass authentication controls. The bug impacts HPE Aruba Networking CX 4100i, CX 6000, CX 6100, CX 6200, CX 6300, CX 6400, CX 8320, CX 8325, CX 8360, CX 9300, and CX 10000 series switches. The successful exploitation of the security defect could allow attackers to take over vulnerable AOS-CX switches and potentially compromise entire systems, Corsica Technologies CISO Ross Filipek says. “A successful compromise could lead to the disruption of network communications or the erosion of the integrity of key business services. When attackers gain privileged access to these devices, it puts organizations at significant risk,” Filipek said. According to HPE’s advisory , organizations can mitigate the risks associated with CVE-2026-23813 by restricting access to management interfaces and implementing strict access control policies. Advertisement. Scroll to continue reading. Organizations are also advised to disable HTTP(S) interfaces on Switched Virtual Interfaces (SVIs) and routed ports, enforce ACLs to ensure only trusted clients connect to the HTTPS/REST endpoints, and to enable comprehensive accounting, logging, and monitoring of management interfaces. HPE Aruba Networking rolled out AOS-CX versions 10.17.1001, 10.16.1030, 10.13.1161, and 10.10.1180 to address the bug. The software updates also resolve three high-severity vulnerabilities (tracked as CVE-2026-23814, CVE-2026-23815, and CVE-2026-23816) in AOS-CX that could allow authenticated, remote attackers to inject and execute malicious commands. Additionally, they address a medium-severity issue that could be exploited by unauthenticated, remote attackers to redirect users to arbitrary URLs. HPE says it is not aware of any of these vulnerabilities being exploited in the wild. Users are advised to apply the security updates as soon as possible. Related: How to 10x Your Vulnerability Management Program in the Agentic Era Related: Chrome 146 Update Patches Two Exploited Zero-Days Related: Apple Updates Legacy iOS Versions to Patch Coruna Exploits Related: Splunk, Zoom Patch Severe Vulnerabilities Written By Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. More from Ionut Arghire Chrome 146 Update Patches Two Exploited Zero-Days Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks Splunk, Zoom Patch Severe Vulnerabilities Cisco Patches High-Severity IOS XR Vulnerabilities Critical N8n Vulnerabilities Allowed Server Takeover 238,000 Impacted by Bell Ambulance Data Breach Scanner Raises $22 Million for AI-Powered Threat Hunting Fortinet, Ivanti, Intel Patch High-Severity Vulnerabilities Latest News Starbucks Data Breach Impacts Employees In Other News: N8n Flaw Exploited, Slopoly Malware, Interpol Cybercrime Crackdown Iran-Linked Hackers Take Aim at US and Other Targets, Raising Risk of Cyberattacks During War Bold Security Emerges From Stealth With $40 Million in Funding Google Paid Out $17 Million in Bug Bounty Rewards in 2025 Iran-Linked Hacker Attack on Stryker Disrupted Manufacturing and Shipping Onyx Security Launches With $40 Million in Funding Authorities Disrupt SocksEscort Proxy Service Powered by AVrecon Botnet Trending Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Securing Fragile OT in an Exposed World March 10, 2026 Get a candid look at the current OT threat landscape as we move past "doom and gloom" to discuss the mechanics of modern OT exposure. Register Virtual Event: Supply Chain Security and Third-Party Risk Summit March 18, 2026 Join the event where top security experts unpack the biggest software supply chain risks. Register People on the Move The US Senate has confirmed Army Lt. Gen. Joshua Rudd to lead NSA and CYBERCOM. Business software company Rippling has appointed Adrian Ludwig as CSO. Orca Security has named Rachel Nislick as Chief Marketing Officer. More People On The Move Expert Insights The Human IOC: Why Security Professionals Struggle with Social Vetting Applying SOC-level rigor to the rumors, politics, and 'human intel' can make or break a security team. (Joshua Goldfarb) How to 10x Your Vulnerability Management Program in the Agentic Era The evolution of vulnerability management in the agentic era is characterized by continuous telemetry, contextual prioritization and the ultimate goal of agentic remediation. (Nadir Izrael) SIM Swaps Expose a Critical Flaw in Identity Security SIM swap attacks exploit misplaced trust in phone numbers and human processes to bypass authentication controls and seize high-value accounts. (Torsten George) Four Risks Boards Cannot Treat as Background Noise The goal isn’t about preventing every attack but about keeping the business running when attacks succeed. (Steve Durbin) How to Eliminate the Technical Debt of Insecure AI-Assisted Software Development Developers must view AI as a collaborator to be closely monitored, rather than an autonomous entity to be unleashed. Without such a mindset, crippling tech debt is inevitable. (Matias Madou) Flipboard Reddit Whatsapp Whatsapp Email