Description
A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking ClearPass OnGuard Software for Linux. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges.
Published: 2026-02-17
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Local Privilege Escalation
Action: Immediate Patch
AI Analysis

Impact

A local privilege escalation vulnerability exists in HPE Aruba Networking ClearPass Policy Manager for Linux. The flaw allows a local attacker to execute arbitrary code with root privileges, effectively giving them full control over the system. The weakness aligns with CWE‑269, an authentication or authorization flaw that permits a compromised local account to gain higher privileges.

Affected Systems

The affected product is Hewlett Packard Enterprise's HPE Aruba Networking ClearPass Policy Manager on Linux. No specific version range is provided in the advisory, so all deployments of this product remain potentially vulnerable until a patch is applied.

Risk and Exploitability

This vulnerability has a CVSS score of 7.8, classifying it as high severity. The EPSS score is less than 1 %, indicating a very low likelihood of exploitation in the wild, and it is not listed in the CISA KEV catalog. The exploitation vector is local: an attacker must already have physical or local console access to the device. This inference is drawn from the description which states it is a local privilege escalation vulnerability. Because compromise grants root privileges, the impact is severe for confidentiality, integrity, and availability of the affected system.

Generated by OpenCVE AI on April 18, 2026 at 12:00 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest HPE Aruba ClearPass OnGuard Software update that addresses the local privilege escalation flaw, as specified in HPE support documentation.
  • Limit local user accounts to those strictly necessary for operation, disabling unused accounts and services that could be abused for local code execution.
  • Enforce strict access controls on the system, including the principle of least privilege for all local users and careful monitoring of privileged activity.

Generated by OpenCVE AI on April 18, 2026 at 12:00 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 18 Feb 2026 14:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-269
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 18 Feb 2026 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Hpe
Hpe aruba Networking Clearpass Policy Manager
Vendors & Products Hpe
Hpe aruba Networking Clearpass Policy Manager

Tue, 17 Feb 2026 23:15:00 +0000

Type Values Removed Values Added
Description A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking ClearPass OnGuard Software for Linux. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges.
Title Local Privilege Escalation Vulnerability in HPE Aruba Networking Clear Pass Policy Manager OnGuard for Linux
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Hpe Aruba Networking Clearpass Policy Manager
cve-icon MITRE

Status: PUBLISHED

Assigner: hpe

Published:

Updated: 2026-02-18T13:43:12.492Z

Reserved: 2026-01-14T15:40:17.991Z

Link: CVE-2026-23599

cve-icon Vulnrichment

Updated: 2026-02-18T13:42:32.234Z

cve-icon NVD

Status : Deferred

Published: 2026-02-18T00:16:18.833

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-23599

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T12:15:15Z

Weaknesses