Hewlett Packard Enterprise: HPE Aruba Networking Vulnerability Allows Privilege Escalation and DoS Attacks

HPE Discloses Critical Flaws in Aruba Networking Private 5G Core Software

Hewlett Packard Enterprise (HPE) has revealed four critical vulnerabilities in its Aruba Networking Private 5G Core software, which could allow remote attackers on adjacent networks to escalate privileges, launch denial-of-service (DoS) attacks, and expose sensitive data. The advisory (HPESBNW05002) was published on February 10, 2026, and covers versions 1.24.3.0 through 1.24.3.3.

The flaws, discovered by Canada’s Communications Security Establishment (CSE), stem from weaknesses in the application and management APIs, enabling unauthenticated exploitation. No workarounds are available, making upgrades mandatory.

Key Vulnerabilities:

  • CVE-2026-23595 (CVSS 8.8, High) – Authentication bypass in the application API, allowing attackers to create admin accounts for full system control, including configuration changes and data manipulation.
  • CVE-2026-23596 (CVSS 6.5, Medium) – DoS via the management API, forcing service restarts and disrupting 5G core availability.
  • CVE-2026-23597 & CVE-2026-23598 (CVSS 6.5, Medium) – Information disclosure through API errors, leaking user accounts, roles, and configurations to facilitate further attacks.

All vulnerabilities require adjacent network access (AV:A), posing a significant risk to enterprise private 5G deployments. HPE has released patches in version 1.25.1.0 and later; versions 1.24.2.2 and below are unaffected. Organizations are advised to upgrade immediately and implement network segmentation to mitigate risks.
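
For patch triage, the version ranges quoted above can be checked against an asset inventory. The following is an added example, not code from HPE or from the advisory; the host names and the inventory list are constructed, and it assumes four-part dotted version strings. Versions that fall between the ranges the summary names are reported as undetermined rather than guessed.

```python
AFFECTED_MIN = (1, 24, 3, 0)    # first affected release per the summary above
AFFECTED_MAX = (1, 24, 3, 3)    # last affected release
UNAFFECTED_MAX = (1, 24, 2, 2)  # "1.24.2.2 and below" are unaffected
FIXED_MIN = (1, 25, 1, 0)       # patches ship in 1.25.1.0 and later


def parse_version(text):
    """Parse a four-part dotted version into a tuple of ints, or None."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def classify(text):
    """Return 'affected', 'fixed', 'unaffected', 'undetermined' or 'invalid'."""
    v = parse_version(text)
    if v is None:
        return "invalid"
    if AFFECTED_MIN <= v <= AFFECTED_MAX:
        return "affected"
    if v >= FIXED_MIN:
        return "fixed"
    if v <= UNAFFECTED_MAX:
        return "unaffected"
    # The summary does not cover this release: check the advisory itself.
    return "undetermined"


def triage(inventory):
    """Group (host, version) pairs by status, most urgent status first."""
    order = ["affected", "undetermined", "invalid", "unaffected", "fixed"]
    groups = {status: [] for status in order}
    for host, version in inventory:
        groups[classify(version)].append(host)
    return groups


# Constructed inventory; real version strings come from your own asset data.
SAMPLE_INVENTORY = [
    ("p5g-core-lab", "1.24.3.2"),
    ("p5g-core-plant1", "1.25.1.0"),
    ("p5g-core-plant2", "1.24.2.2"),
    ("p5g-core-dr", "1.24.3.4"),
    ("p5g-core-test", "1.24.3"),
]

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status:13} {', '.join(hosts) or '-'}")
```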

Source: https://cyberpress.org/hpe-aruba-networking-vulnerability/

Hewlett Packard Enterprise TPRM report: https://www.rankiteo.com/company/hewlett-packard-enterprise