CVE-2026-23601

A vulnerability has been identified in the wireless encryption handling of Wi-Fi transmissions. A malicious actor can generate shared-key authenticated transmissions containing targeted payloads while impersonating the identity of a primary BSSID.Successful exploitation allows for the delivery of tampered data to specific endpoints, bypassing standard cryptographic separation.

CVSS v3 5.4 MEDIUM

5.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.5

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05026en_us&docLocale=en_US	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:arubanetworks:arubaos::::::::
	cpe:2.3:o:arubanetworks:arubaos::::::::
	cpe:2.3:o:arubanetworks:arubaos::::::::
	cpe:2.3:o:arubanetworks:arubaos::::::::
	cpe:2.3:o:arubanetworks:arubaos::::::::
	cpe:2.3:o:arubanetworks:arubaos:10.8.0.0:::::::*

OR	cpe:2.3:h:arubanetworks:7010:-:::::::*
	cpe:2.3:h:arubanetworks:7030:-:::::::*
	cpe:2.3:h:arubanetworks:7205:-:::::::*
	cpe:2.3:h:arubanetworks:7210:-:::::::*
	cpe:2.3:h:arubanetworks:7220:-:::::::*
	cpe:2.3:h:arubanetworks:7240xm:-:::::::*
	cpe:2.3:h:arubanetworks:7280:-:::::::*
	cpe:2.3:h:arubanetworks:9004:-:::::::*
	cpe:2.3:h:arubanetworks:9004-lte:-:::::::*
	cpe:2.3:h:arubanetworks:9012:-:::::::*
	cpe:2.3:h:arubanetworks:9106:-:::::::*
	cpe:2.3:h:arubanetworks:9114:-:::::::*
	cpe:2.3:h:arubanetworks:9240:-:::::::*
	cpe:2.3:h:arubanetworks:ap-634:-:::::::*
	cpe:2.3:h:arubanetworks:ap-635:-:::::::*
	cpe:2.3:h:arubanetworks:ap-654:-:::::::*
	cpe:2.3:h:arubanetworks:ap-655:-:::::::*

History

No history.

Information

Published : 2026-03-04 17:16

Updated : 2026-03-09 19:25

NVD link : CVE-2026-23601

Mitre link : CVE-2026-23601

CVE.ORG link : CVE-2026-23601

JSON object : View

Products Affected

arubanetworks

7280
9004-lte
ap-634
9240
7010
7240xm
7030
7205
7210
9012
9114
ap-654
ap-655
7220
9106
ap-635
9004
arubaos

CWE

CWE-327

Use of a Broken or Risky Cryptographic Algorithm

{"id": "CVE-2026-23601", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-alert@hpe.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 2.8}]}, "published": "2026-03-04T17:16:18.610", "references": [{"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05026en_us&docLocale=en_US", "tags": ["Vendor Advisory"], "source": "security-alert@hpe.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-327"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in the wireless encryption handling of Wi-Fi transmissions. A malicious actor can generate shared-key authenticated transmissions containing targeted payloads while impersonating the identity of a primary BSSID.Successful exploitation allows for the delivery of tampered data to specific endpoints, bypassing standard cryptographic separation."}, {"lang": "es", "value": "Una vulnerabilidad ha sido identificada en el manejo del cifrado inal\u00e1mbrico de las transmisiones Wi-Fi. Un actor malicioso puede generar transmisiones autenticadas por clave compartida que contienen cargas \u00fatiles dirigidas mientras suplanta la identidad de un BSSID primario. La explotaci\u00f3n exitosa permite la entrega de datos manipulados a puntos finales espec\u00edficos, eludiendo la separaci\u00f3n criptogr\u00e1fica est\u00e1ndar."}], "lastModified": "2026-03-09T19:25:46.320", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B8A04E5-890D-4CBC-B504-2F50294C49A1", "versionEndIncluding": "8.10.0.21", "versionStartIncluding": "6.5.4.0"}, {"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33943569-C024-4615-BA2C-874DD71EC077", "versionEndIncluding": "8.12.0.6", "versionStartIncluding": "8.11.0.0"}, {"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F95C3EA-87DF-448B-B63D-E469A38650AE", "versionEndIncluding": "8.13.1.1", "versionStartIncluding": "8.13.0.0"}, {"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0ECE682E-B356-4960-AC0F-4C066B8CB7EE", "versionEndIncluding": "10.4.1.10", "versionStartIncluding": "10.3.0.0"}, {"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E7CE262-1F72-4AE3-BE71-9E09EBF64B02", "versionEndIncluding": "10.7.2.2", "versionStartIncluding": "10.5.0.0"}, {"criteria": "cpe:2.3:o:arubanetworks:arubaos:10.8.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "291A71D4-415C-4478-9BC1-1873ED23B6E1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:7010:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "59612211-5054-44DC-B028-61A2C5C6133D"}, {"criteria": "cpe:2.3:h:arubanetworks:7030:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E8E68DB6-149B-4469-BD27-69F1AC59166F"}, {"criteria": "cpe:2.3:h:arubanetworks:7205:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2E9AA178-1327-402E-8740-8409ECA448BC"}, {"criteria": "cpe:2.3:h:arubanetworks:7210:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9969F899-4D7A-4DD5-B81D-DB16B20CF86A"}, {"criteria": "cpe:2.3:h:arubanetworks:7220:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CF33BAD0-0596-4910-B096-99E2033F73D8"}, {"criteria": "cpe:2.3:h:arubanetworks:7240xm:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FDDFDA5E-3895-463A-86EA-1823EC1B5045"}, {"criteria": "cpe:2.3:h:arubanetworks:7280:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3BBA9A71-BE10-471A-A8BE-5CCB8CE8393F"}, {"criteria": "cpe:2.3:h:arubanetworks:9004:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CFA13FF5-7C60-48B4-AF46-18A9F19D5D42"}, {"criteria": "cpe:2.3:h:arubanetworks:9004-lte:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0B1EB3D9-77B5-4DBE-9518-23DD0DA06BC9"}, {"criteria": "cpe:2.3:h:arubanetworks:9012:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "17162DB3-973E-47C6-9157-39A0E94603F2"}, {"criteria": "cpe:2.3:h:arubanetworks:9106:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "086E2884-82B9-4909-973A-2AF9796EE6A3"}, {"criteria": "cpe:2.3:h:arubanetworks:9114:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D6758409-B957-486D-96C0-BCDD91BE4E8A"}, {"criteria": "cpe:2.3:h:arubanetworks:9240:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A6BF9E0D-630F-40B4-9109-560CA13C981B"}, {"criteria": "cpe:2.3:h:arubanetworks:ap-634:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "69298E74-9FC7-4E96-9581-2B7F5CDD8956"}, {"criteria": "cpe:2.3:h:arubanetworks:ap-635:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B0219C4A-855C-4CCC-9C56-499697A91B94"}, {"criteria": "cpe:2.3:h:arubanetworks:ap-654:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7E4B96D6-2695-43E4-9956-872E0661B9ED"}, {"criteria": "cpe:2.3:h:arubanetworks:ap-655:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D18C831D-4D5C-4A50-8101-2CFB3D1B5210"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security-alert@hpe.com"}