Filtered by vendor Hpe
Subscriptions
Filtered by product Aruba Networking Wireless Operating Systems
Subscriptions
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-23601 | 1 Hpe | 1 Aruba Networking Wireless Operating Systems | 2026-03-05 | 5.4 Medium |
| A vulnerability has been identified in the wireless encryption handling of Wi-Fi transmissions. A malicious actor can generate shared-key authenticated transmissions containing targeted payloads while impersonating the identity of a primary BSSID.Successful exploitation allows for the delivery of tampered data to specific endpoints, bypassing standard cryptographic separation. | ||||
| CVE-2026-23808 | 1 Hpe | 1 Aruba Networking Wireless Operating Systems | 2026-03-05 | 5.4 Medium |
| A vulnerability has been identified in a standardized wireless roaming protocol that could enable a malicious actor to install an attacker-controlled Group Temporal Key (GTK) on a client device. Successful exploitation of this vulnerability could allow a remote malicious actor to perform unauthorized frame injection, bypass client isolation, interfere with cross-client traffic, and compromise network segmentation, integrity, and confidentiality. | ||||
| CVE-2026-23809 | 1 Hpe | 1 Aruba Networking Wireless Operating Systems | 2026-03-05 | 5.4 Medium |
| A technique has been identified that adapts a known port-stealing method to Wi-Fi environments that use multiple BSSIDs. By leveraging the relationship between BSSIDs and their associated virtual ports, an attacker could potentially bypass inter-BSSID isolation controls. Successful exploitation may enable an attacker to redirect and intercept the victim's network traffic, potentially resulting in eavesdropping, session hijacking, or denial of service. | ||||
| CVE-2026-23810 | 1 Hpe | 1 Aruba Networking Wireless Operating Systems | 2026-03-05 | 4.3 Medium |
| A vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-Fi frame that causes an Access Point (AP) to classify the frame as group-addressed traffic and re-encrypt it using the Group Temporal Key (GTK) associated with the victim's BSSID. Successful exploitation may enable GTK-independent traffic injection and, when combined with a port-stealing technique, allows an attacker to redirect intercepted traffic to facilitate machine-in-the-middle (MitM) attacks across BSSID boundaries. | ||||
| CVE-2026-23811 | 1 Hpe | 1 Aruba Networking Wireless Operating Systems | 2026-03-05 | 4.3 Medium |
| A vulnerability in the client isolation mechanism may allow an attacker to bypass Layer 2 (L2) communication restrictions between clients and redirect traffic at Layer 3 (L3). In addition to bypassing policy enforcement, successful exploitation - when combined with a port-stealing attack - may enable a bi-directional Machine-in-the-Middle (MitM) attack. | ||||
| CVE-2026-23812 | 1 Hpe | 1 Aruba Networking Wireless Operating Systems | 2026-03-05 | 4.3 Medium |
| A vulnerability has been identified where an attacker connecting to an access point as a standard wired or wireless client can impersonate a gateway by leveraging an address-based spoofing technique. Successful exploitation enables the redirection of data streams, allowing for the interception or modification of traffic intended for the legitimate network gateway via a Machine-in-the-Middle (MitM) position. | ||||
Page 1 of 1.