Unauthenticated Remote Code Execution via Heap Buffer Overflow in Network Management Service_CVE-2026-23827

{
    "lastseen": "",
    "description": "A heap-based buffer overflow vulnerability exists in a Network management service of AOS-8 and AOS-10 that could allow an unauthenticated remote attacker to achieve remote code execution. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code as a privileged user on the underlying operating system, potentially leading to a system compromise. Exploitation may also result in a denial-of-service (DoS) condition affecting the impacted system process.",
    "published": "2026-05-12T18:54:47.364Z",
    "modified": "2026-05-12T18:54:47.364Z",
    "type": "cve",
    "title": "Unauthenticated Remote Code Execution via Heap Buffer Overflow in Network Management Service",
    "source": "hpe",
    "references": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us&docLocale=en_US",
    "id": "CVE-2026-23827",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Hewlett Packard Enterprise (HPE) HPE Aruba Networking Wireless Operating System (AOS) 8.13.0.0\nHewlett Packard Enterprise (HPE) HPE Aruba Networking Wireless Operating System (AOS) 8.12.0.0\nHewlett Packard Enterprise (HPE) HPE Aruba Networking Wireless Operating System (AOS) 8.10.0.0\nHewlett Packard Enterprise (HPE) HPE Aruba Networking Wireless Operating System (AOS) 10.8.0.0\nHewlett Packard Enterprise (HPE) HPE Aruba Networking Wireless Operating System (AOS) 10.7.0.0\nHewlett Packard Enterprise (HPE) HPE Aruba Networking Wireless Operating System (AOS) 10.4.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 7.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "HPE Aruba Networking Wireless Operating System (AOS)",
    "version": "8.13.0.0",
    "vendor": "Hewlett Packard Enterprise (HPE)",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}