CVE-2026-23809

Medium CVSS: 5.4

A technique has been identified that adapts a known port-stealing method to Wi-Fi environments that use multiple BSSIDs. By leveraging the relationship between BSSIDs and their associated virtual ports, an attacker could potentially bypass inter-BSSID isolation controls. Successful exploitation may enable an attacker to redirect and intercept the victim's network traffic, potentially resulting in eavesdropping, session hijacking, or denial of service.

Vendor

Arubanetworks

Product

Arubaos

CWE

CWE-400

Yayın Tarihi

2026-03-04 17:16:18

Güncelleme

2026-03-09 19:22:51

Source Identifier

security-alert@hpe.com

KEV Date Added

Kategoriler

CWE-400 Arubaos MEDIUM Arubanetworks 2026

Referanslar

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05026en_us&docLocale=en_US

Benzer Kayıtlar

Medium

CVE-2026-23810

A vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-…

Medium

CVE-2026-23811

A vulnerability in the client isolation mechanism may allow an attacker to bypass Layer 2 (L2) communication restriction…

Medium

CVE-2026-23812

A vulnerability has been identified where an attacker connecting to an access point as a standard wired or wireless clie…

Medium

CVE-2026-23601

A vulnerability has been identified in the wireless encryption handling of Wi-Fi transmissions. A malicious actor can ge…

Medium

CVE-2026-23808

A vulnerability has been identified in a standardized wireless roaming protocol that could enable a malicious actor to i…

High

CVE-2025-37182

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated re…