Description
A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.
Published: 2026-03-11
Score: 7.2 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A command line interface (CLI) weakness in HPE AOS-CX Switches allows an authenticated remote attacker to execute arbitrary operating system commands, effectively providing remote code execution. The vulnerability is classified as a Command Injection (CWE‑78) and can compromise confidentiality, integrity, and availability of the device and any connected network resources.

Affected Systems

The vulnerability impacts Hewlett Packard Enterprise AOS‑CX Switches. Specific affected product versions are not listed in the available data, so all currently deployed AOS‑CX firmware that has not been patched is potentially vulnerable.

Risk and Exploitability

The CVSS score is 7.2 (High), and the EPSS score is below 1%, indicating a relatively low probability that the vulnerability will be actively exploited in the wild. The vulnerability is not yet in the CISA KEV catalog. Exploitation requires authentication and remote access to the CLI, suggesting the attacker typically must gain legitimate credentials or use an existing authenticated session to proceed.

Generated by OpenCVE AI on March 17, 2026 at 15:14 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor-released patch for the AOS‑CX CLI command vulnerability (refer to the HPE support document at https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US).
  • Disable or restrict remote CLI access on the device to limit exposure to authenticated attackers.
  • Enforce strong, unique credentials and password policy changes for AOS‑CX devices.
  • Segment network topology to isolate AOS‑CX switches from critical systems and limit lateral movement.

Advisories

No advisories yet.

History

Wed, 11 Mar 2026 16:15:00 +0000

Type | Values Removed | Values Added
Weaknesses | | CWE-78
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 11 Mar 2026 12:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Hpe; Hpe arubaos-cx
Vendors & Products | | Hpe; Hpe arubaos-cx

Wed, 11 Mar 2026 04:00:00 +0000

Type | Values Removed | Values Added
Description | | A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.
Title | | Authenticated Command Injection found in admin AOS-CX CLI command
References | |
Metrics | | cvssV3_1 {'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: hpe

Published:

Updated: 2026-03-11T15:43:49.752Z

Reserved: 2026-01-16T15:22:38.202Z

Link: CVE-2026-23816

Vulnrichment

Updated: 2026-03-11T15:43:46.878Z

NVD

Status: Awaiting Analysis

Published: 2026-03-11T04:17:35.533

Modified: 2026-03-11T16:16:26.630

Link: CVE-2026-23816

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-20T14:38:00Z

Weaknesses