High severity7.5NVD Advisory· Published May 12, 2026· Updated May 15, 2026
CVE-2026-23827
CVE-2026-23827
Description
A heap-based buffer overflow vulnerability exists in a Network management service of AOS-8 and AOS-10 that could allow an unauthenticated remote attacker to achieve remote code execution. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code as a privileged user on the underlying operating system, potentially leading to a system compromise. Exploitation may also result in a denial-of-service (DoS) condition affecting the impacted system process.
Affected products
2- cpe:2.3:a:arubanetworks:sd-wan:*:*:*:*:*:*:*:*Range: >=8.6.0.4-2.2.0.0,<=8.6.0.4-2.2.0.7
Patches
Vulnerability mechanics
References
1- support.hpe.com/hpesc/public/docDisplaynvdVendor Advisory
News mentions
0No linked articles in our index yet.