← Back

CVE-2026-23808

nvd nist
Published: Mar 4, 2026Modified: Jun 17, 2026

JSON object

Loading...
8.1
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Exploitability: 2.8 / Impact: 5.2
Source: NVD

Description

A vulnerability has been identified in a standardized wireless roaming protocol that could enable a malicious actor to install an attacker-controlled Group Temporal Key (GTK) on a client device. Successful exploitation of this vulnerability could allow a remote malicious actor to perform unauthorized frame injection, bypass client isolation, interfere with cross-client traffic, and compromise network segmentation, integrity, and confidentiality.

Affected (6)

1 product
Arubaos
Configuration A
6 vulnerable · 17 platform
Vulnerable SoftwareAffected Versions
Arubanetworks
From 10.3.0.0 to 10.4.1.10
From 10.5.0.0 to 10.7.2.2
From 6.5.4.0 to 8.10.0.21
From 8.11.0.0 to 8.12.0.6
From 8.13.0.0 to 8.13.1.1
Version 10.8.0.0
Running on/withPlatform Versions
Arubanetworks
7010
All versions
Arubanetworks
7030
All versions
Arubanetworks
7205
All versions
Arubanetworks
7210
All versions
Arubanetworks
7220
All versions
Arubanetworks
7240xm
All versions
Arubanetworks
7280
All versions
Arubanetworks
9004
All versions
Arubanetworks
9004 Lte
All versions
Arubanetworks
9012
All versions
Arubanetworks
9106
All versions
Arubanetworks
9114
All versions
Arubanetworks
9240
All versions
Arubanetworks
Ap 634
All versions
Arubanetworks
Ap 635
All versions
Arubanetworks
Ap 654
All versions
Arubanetworks
Ap 655
All versions

References (1)

Timeline

No history available yet.