AOS-CX web management authentication bypass (CVE-2026-23813)
Vulnerability
Summary
HPE has patched CVE-2026-23813, a critical authentication bypass in the Aruba Networking AOS-CX web-based management interface that could let unauthenticated remote attackers reset admin passwords. The flaw affects CX-series campus and data center switches and was described as a low-complexity attack path. HPE says it is not aware of public exploit code or abuse in the wild, but the issue directly threatens switch administration.
Related Happenings
Linux kernel RDS PinTheft local privilege escalation flaw (public PoC)
Vulnerability
First: 20.05.2026 13:52
Last: 20.05.2026 13:52
Sources 1
About this happening:
**PinTheft** now has a **public PoC exploit**, turning a recently patched **Linux kernel RDS** flaw into a practical **local privilege escalation** risk for **Arch Linux** systems...
PAN-OS User-ID Authentication Portal mitigation guidance (CVE-2026-0300)
Advisory/Mitigation
First: 06.05.2026 09:14
Last: 06.05.2026 09:14
Sources 1
About this happening:
Palo Alto Networks issued **mitigation guidance** for **CVE-2026-0300** after the **PAN-OS User-ID Authentication Portal** flaw was reported **exploited in the wild**, leaving pub...
CPanel & WHM authentication-bypass exploitation wave (CVE-2026-41940)
Exploitation Wave
First: 04.05.2026 11:25
Last: 04.05.2026 11:25
Sources 1
About this happening:
Active exploitation of **CVE-2026-41940** is driving a **large cPanel & WHM compromise wave**, putting exposed servers at risk of administrative takeover. **More than 40,000 serve...
F5 BIG-IP APM active exploitation wave (CVE-2025-53521)
Exploitation Wave
First: 02.04.2026 11:25
Last: 02.04.2026 11:25
Sources 1
About this happening:
As of **2026-04-02**, ongoing attacks are exploiting **CVE-2025-53521** against **F5 BIG-IP APM** systems, leaving more than **14,000** exposed online and at risk of remote code e...
N8n sandbox escape flaws (multiple vulnerabilities)
Vulnerability
First: 04.02.2026 15:00
Last: 04.02.2026 15:00
Sources 1
About this happening:
Two **maximum-severity sandbox-escape flaws** in **n8n** expose **self-hosted and cloud instances** to **complete server takeover** and **credential theft**. An **authenticated us...
Timeline
- 10.03.2026 19:30 · 2 articles
HPE patches AOS-CX authentication bypass
Initial Disclosure: On 2026-03-10, Hewlett Packard Enterprise (HPE) patched multiple vulnerabilities in Aruba Networking AOS-CX, including CVE-2026-23813, a critical authentication bypass in the web-based management interface on CX-series campus and data center switch devices.
Sources:
- HPE warns of critical AOS-CX flaw allowing admin password resets — www.bleepingcomputer.com — 10.03.2026 19:30
- HPE warns of critical AOS-CX flaw allowing admin password resets — www.bleepingcomputer.com — 10.03.2026 19:30
- 10.03.2026 19:30 · 1 article
CVE-2026-23813 can bypass authentication
Technical Analysis Update: CVE-2026-23813 allows an unauthenticated remote actor to circumvent existing authentication controls in the AOS-CX web-based management interface and, in some cases, reset the admin password; HPE said it was not aware of public discussion, exploit code, or in-the-wild abuse as of the advisory release date.
Sources:
- HPE warns of critical AOS-CX flaw allowing admin password resets — www.bleepingcomputer.com — 10.03.2026 19:30
- 10.03.2026 19:30 · 1 article
HPE advises network controls for unpatched switches
Mitigation Patch Update: For vulnerable AOS-CX switches that cannot be patched immediately, administrators can isolate management traffic on a dedicated Layer 2 segment or VLAN, restrict access with strict Layer 3 controls, disable unused HTTP(S) interfaces, enforce Control Plane Access Control Lists (ACLs), and enable logging and monitoring of management activity.
Sources:
- HPE warns of critical AOS-CX flaw allowing admin password resets — www.bleepingcomputer.com — 10.03.2026 19:30