wid-sec-w-2026-0686 · Published 2026-03-10 · View on BSI CERT-Bund ↗

Aruba AOS-CX: Multiple Vulnerabilities

CVSS 9.8 CRITICAL

Risk Summary

A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.

CVEs (5)

CVE-2026-23813 CVE-2026-23814 CVE-2026-23815 CVE-2026-23816 CVE-2026-23817

Affected Vendors

Aruba

Affected Products (8)

Aruba · AOS-CX <10.17.1001

Aruba · AOS-CX 10.17.1001

Aruba · AOS-CX <10.16.1030

Aruba · AOS-CX 10.16.1030

Aruba · AOS-CX <10.13.1161

Aruba · AOS-CX 10.13.1161

Aruba · AOS-CX <10.10.1180

Aruba · AOS-CX 10.10.1180

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more