Description
A vulnerability has been identified in the wireless encryption handling of Wi-Fi transmissions. A malicious actor can generate shared-key authenticated transmissions containing targeted payloads while impersonating the identity of a primary BSSID.Successful exploitation allows for the delivery of tampered data to specific endpoints, bypassing standard cryptographic separation.
Published: 2026-03-04
Score: 5.4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Bypass encryption and traffic spoofing
Action: Apply Patch
AI Analysis

Impact

A flaw in Aruba Networking Wireless OS allows an attacker to craft shared-key authenticated frames that impersonate a primary BSSID. By sending these frames, the attacker can deliver targeted payloads to specific endpoints, bypassing normal cryptographic separation. This enables tampered data to reach victims and potentially compromises the client device, representing a significant data integrity and confidentiality threat based on CWE-327.

Affected Systems

The vulnerability impacts HPE Aruba Networking Wireless Operating System in both AOS-10 and AOS-8 platforms. Devices enumerated in the CPE list, including Aruba APs and controllers such as 7010, 7030, 7205, 7210, 7220, 7240xm, 7280, 9004‑lte, 9004, 9012, 9106, 9114, 9240, ap‑634, ap‑635, ap‑654, ap‑655, and the operating system itself (notably version 10.8.0.0). Specific supported firmware versions are not fully disclosed in this data.

Risk and Exploitability

The reported CVSS score of 5.4 indicates moderate severity, and the EPSS score of less than 1% reflects a low probability of current exploitation. The vulnerability is not flagged in the CISA KEV catalog. Exploitation requires an attacker to have wireless transmission capability adjacent to the target network, suggesting that proximity or network access is required. Once the attacker can inject the crafted frames, the compromised traffic bypasses standard cryptographic checks, allowing tampered data to reach victim devices.

Generated by OpenCVE AI on April 16, 2026 at 05:44 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply any HPE Aruba firmware or software updates that address the shared‑GTK handling flaw.
  • Enforce the use of strong pre‑shared keys and consider deactivating shared‑key authentication if it is not required, as a temporary workaround.
  • Monitor wireless traffic for anomalous frames that claim the primary BSSID and alert on unexpected retransmissions.

Generated by OpenCVE AI on April 16, 2026 at 05:44 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 09 Mar 2026 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Arubanetworks
Arubanetworks 7010
Arubanetworks 7030
Arubanetworks 7205
Arubanetworks 7210
Arubanetworks 7220
Arubanetworks 7240xm
Arubanetworks 7280
Arubanetworks 9004
Arubanetworks 9004-lte
Arubanetworks 9012
Arubanetworks 9106
Arubanetworks 9114
Arubanetworks 9240
Arubanetworks ap-634
Arubanetworks ap-635
Arubanetworks ap-654
Arubanetworks ap-655
Arubanetworks arubaos
CPEs cpe:2.3:h:arubanetworks:7010:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7030:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7205:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7210:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7220:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7240xm:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7280:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:9004-lte:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:9004:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:9012:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:9106:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:9114:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:9240:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:ap-634:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:ap-635:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:ap-654:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:ap-655:-:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:10.8.0.0:*:*:*:*:*:*:*
Vendors & Products Arubanetworks
Arubanetworks 7010
Arubanetworks 7030
Arubanetworks 7205
Arubanetworks 7210
Arubanetworks 7220
Arubanetworks 7240xm
Arubanetworks 7280
Arubanetworks 9004
Arubanetworks 9004-lte
Arubanetworks 9012
Arubanetworks 9106
Arubanetworks 9114
Arubanetworks 9240
Arubanetworks ap-634
Arubanetworks ap-635
Arubanetworks ap-654
Arubanetworks ap-655
Arubanetworks arubaos

Thu, 05 Mar 2026 09:15:00 +0000

Type Values Removed Values Added
First Time appeared Hpe
Hpe aruba Networking Wireless Operating Systems
Vendors & Products Hpe
Hpe aruba Networking Wireless Operating Systems

Wed, 04 Mar 2026 18:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-327
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 04 Mar 2026 16:30:00 +0000

Type Values Removed Values Added
Description A vulnerability has been identified in the wireless encryption handling of Wi-Fi transmissions. A malicious actor can generate shared-key authenticated transmissions containing targeted payloads while impersonating the identity of a primary BSSID.Successful exploitation allows for the delivery of tampered data to specific endpoints, bypassing standard cryptographic separation.
Title Frame Injection via Shared GTK Allows Traffic Spoofing and Client Compromise
References
Metrics cvssV3_1

{'score': 5.4, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}

Subscriptions

Arubanetworks 7010 7030 7205 7210 7220 7240xm 7280 9004 9004-lte 9012 9106 9114 9240 Ap-634 Ap-635 Ap-654 Ap-655 Arubaos
Hpe Aruba Networking Wireless Operating Systems
cve-icon MITRE

Status: PUBLISHED

Assigner: hpe

Published:

Updated: 2026-04-01T16:23:06.986Z

Reserved: 2026-01-14T15:40:17.991Z

Link: CVE-2026-23601

cve-icon Vulnrichment

Updated: 2026-03-04T17:56:17.146Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-04T17:16:18.610

Modified: 2026-03-09T19:25:46.320

Link: CVE-2026-23601

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T05:45:26Z

Weaknesses