Published on February 12, 2026
HPE Aruba Flaw Exposes Networking Devices to Privilege Escalation and DoS Attacks
Severity
Critical
HPE Aruba Networking has released a critical security advisory addressing several vulnerabilities in its Private 5G Core Platform that could allow attackers to access sensitive system data, disrupt services, and create unauthorized administrative accounts.
The vulnerabilities, identified by the Communications Security Establishment (CSE) as CVE-2026-23595, CVE-2026-23596, CVE-2026-23597, and CVE-2026-23598, impact platform versions 1.24.3.0 through 1.24.3.3.
| CVE ID | Vulnerability Type | Impact | CVSS Score |
| --- | --- | --- | --- |
| CVE-2026-23595 | Authentication Bypass in Application API | Unauthorized administrative account creation, privilege escalation | 8.8 (High) |
| CVE-2026-23596 | Improper Access Control in Management API | Service disruption, denial of service through forced restarts | 6.5 (Medium) |
| CVE-2026-23597 | Information Disclosure in API Error Handling | Exposure of user accounts, roles, system configuration details | 6.5 (Medium) |
| CVE-2026-23598 | Information Disclosure in API Error Handling | Exposure of internal services, workflows, and sensitive data | 6.5 (Medium) |
CVE-2026-23595 has a high CVSS score of 8.8 and involves an authentication bypass in the application API. This flaw allows unauthenticated remote attackers to create privileged user accounts without authorization.
Successful exploitation could allow threat actors to obtain elevated administrative privileges, enabling them to alter system configurations, tamper with sensitive information, and potentially establish long-term control over the affected networking environment.
The attack requires access from an adjacent network but does not require user interaction, increasing the level of risk in enterprise and industrial deployments.
CVE-2026-23596, assigned a medium severity rating with a CVSS score of 6.5, allows unauthenticated attackers to initiate service restarts due to insufficient access control within the management API.
Exploitation of this issue may result in disruption of critical networking services, affecting overall system availability and potentially leading to operational interruptions.
Additionally, CVE-2026-23597 and CVE-2026-23598 involve information disclosure vulnerabilities stemming from improper API error handling mechanisms.
These flaws may allow attackers to extract sensitive system information, including user account details, assigned roles, configuration data, and internal service processes, which could facilitate more advanced, multi-stage attack scenarios.
Affected Products
These vulnerabilities affect HPE Aruba Networking Private 5G Core in the following software versions unless specifically noted otherwise in the details section:
HPE Aruba Networking Private 5G Core:
- 1.24.3.0
- 1.24.3.1
- 1.24.3.2
- 1.24.3.3
Unaffected Versions
HPE Aruba Networking Private 5G Core:
- 1.24.2.2 and below
- 1.25.1.0 and above
Any other HPE Aruba Networking products not specifically listed above are not affected by these vulnerabilities.
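To triage an inventory against the version lists above, the following added example (not HPE tooling and not part of the original advisory) classifies each Private 5G Core version as affected, unaffected, or needing manual review. The hostnames are constructed, and treating versions that fall in neither list as REVIEW is an assumption of this example, since the advisory does not address them.

```python
import re
from typing import Dict, List, Tuple

# Version boundaries copied from the advisory text above.
AFFECTED_MIN = (1, 24, 3, 0)
AFFECTED_MAX = (1, 24, 3, 3)
LAST_UNAFFECTED_OLD = (1, 24, 2, 2)   # "1.24.2.2 and below"
FIRST_FIXED = (1, 25, 1, 0)           # "1.25.1.0 and above"

_VERSION_RE = re.compile(r"[0-9]+(?:\.[0-9]+){3}")

def parse_version(text: str) -> Tuple[int, ...]:
    """Parse a four-part dotted version into a tuple of ints."""
    text = text.strip()
    if not _VERSION_RE.fullmatch(text):
        raise ValueError(f"not a four-part numeric version: {text!r}")
    return tuple(int(part) for part in text.split("."))

def classify(version: str) -> str:
    """Return AFFECTED, UNAFFECTED, or REVIEW for one version string."""
    try:
        v = parse_version(version)
    except ValueError:
        return "REVIEW"          # unparseable: a human has to look
    if AFFECTED_MIN <= v <= AFFECTED_MAX:
        return "AFFECTED"
    if v <= LAST_UNAFFECTED_OLD or v >= FIRST_FIXED:
        return "UNAFFECTED"
    return "REVIEW"              # assumption: in neither list, so do not guess

def triage(inventory: Dict[str, str]) -> Dict[str, List[str]]:
    """Group hostnames by status."""
    result: Dict[str, List[str]] = {"AFFECTED": [], "UNAFFECTED": [], "REVIEW": []}
    for host, version in inventory.items():
        result[classify(version)].append(host)
    return {status: sorted(hosts) for status, hosts in result.items()}

# Constructed sample inventory (hypothetical hostnames).
SAMPLE = {
    "p5g-core-01": "1.24.3.2",
    "p5g-core-02": "1.25.1.0",
    "p5g-core-03": "1.24.2.2",
    "p5g-core-04": "1.24.3.4",    # falls between the two lists
    "p5g-core-05": "1.24.10.0",   # numeric compare matters: 10 > 3
    "p5g-core-06": "unknown",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(f"{status:10} {', '.join(hosts) or '-'}")
```

Versions are compared as integer tuples rather than strings, so a release such as 1.24.10.0 is not mistaken for one older than 1.24.3.0.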
Recommendation
HPE strongly recommends that organizations running vulnerable versions immediately upgrade to version 1.25.1.0 or higher to mitigate these security risks.
The patches are available through HPE’s Enterprise License portal at myenterpriselicense.hpe.com.
No workarounds are available for these vulnerabilities, making patching the only effective defense strategy.
Source
https://gbhackers.com/hpe-aruba-flaw-exposes-networking-devices
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05002en_us&docLocale=en_US
