Description
A vulnerability in a custom binary used in AOS-CX Switches' CLI could allow an authenticated remote attacker with high privileges to perform command injection. Successful exploitation could allow an attacker to execute unauthorized commands.
Published: 2026-03-11
Score: 7.2 High
EPSS: < 1% Very Low
KEV: No
Impact: Command Injection / Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

AOS-CX Switches contain a custom binary that can be invoked through the administrative CLI. The vulnerability allows an authenticated attacker with high privileges to exploit a command injection flaw. This results in arbitrary command execution on the host, granting the attacker full control over the system and the ability to tamper with configuration or data.

Affected Systems

The affected product is Hewlett Packard Enterprise (HPE) AOS-CX Switches. No specific version range is provided in the CNA data, so all deployments using the affected binary are potentially vulnerable until a patch is applied.

Risk and Exploitability

The CVSS score is 7.2, which is rated High but not Critical. EPSS is below 1%, suggesting a low likelihood of exploitation in the wild. The vulnerability is not in the CISA KEV catalog. Exploitation requires remote authentication and high privilege, so the flaw is reachable only by an attacker who already holds an authenticated, high-privilege account.

Generated by OpenCVE AI on March 17, 2026 at 15:14 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the patch or upgrade to the latest firmware version released by HPE as per the official advisory.
  • Restrict CLI access to trusted administrators and enforce strong authentication.
  • Verify that the switch firmware is up‑to‑date by checking HPE support for the latest security releases.

Advisories

No advisories yet.

History

Wed, 11 Mar 2026 16:15:00 +0000

Type | Values Removed | Values Added
Weaknesses | | CWE-77
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 11 Mar 2026 12:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Hpe; Hpe arubaos-cx
Vendors & Products | | Hpe; Hpe arubaos-cx

Wed, 11 Mar 2026 04:00:00 +0000

Type | Values Removed | Values Added
Description | | A vulnerability in a custom binary used in AOS-CX Switches' CLI could allow an authenticated remote attacker with high privileges to perform command injection. Successful exploitation could allow an attacker to execute unauthorized commands.
Title | | Authenticated Command Injection found in AOS-CX Administrative CLI Command
References | |
Metrics | | cvssV3_1 {'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: hpe

Published:

Updated: 2026-03-12T03:55:19.327Z

Reserved: 2026-01-16T15:22:38.202Z

Link: CVE-2026-23815

Vulnrichment

Updated: 2026-03-11T15:42:52.496Z

NVD

Status: Awaiting Analysis

Published: 2026-03-11T04:17:35.080

Modified: 2026-03-11T16:16:26.490

Link: CVE-2026-23815

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-20T14:38:00Z

Weaknesses