HPE AOS-CX Authentication Bypass Discovered
HPE disclosed a critical vulnerability in its AOS-CX network operating system on March 14, 2026. The flaw allows remote attackers to circumvent authentication controls and reset administrator passwords without any credentials. Security researchers identified that the weakness affects HPE's enterprise switching platform, which is used in corporate networks worldwide.
The vulnerability enables complete administrative takeover of affected network switches. Attackers can exploit this remotely across network boundaries, making it particularly dangerous for organizations with internet-facing management interfaces.
AOS-CX Enterprise Switches at Risk
All HPE AOS-CX switches running vulnerable firmware versions face immediate compromise risk. The flaw impacts enterprise-grade network infrastructure deployed in corporate environments, data centers, and campus networks. Organizations using HPE Aruba switches with remote management enabled are most exposed to attack.
Network administrators managing HPE switching infrastructure should assume their devices are vulnerable until patched. The authentication bypass affects both local and remote management interfaces.
Immediate Patching Required for HPE Switches
HPE released security updates addressing the authentication bypass vulnerability. Network administrators must apply firmware patches immediately to prevent unauthorized access. CISA may add this flaw to its Known Exploited Vulnerabilities catalog if active exploitation occurs.
Organizations should disable remote management interfaces until patching completes. HPE recommends restricting management access to trusted networks only. Security teams should monitor for unauthorized configuration changes indicating potential compromise.
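
One way to carry out the configuration monitoring described above is to compare a trusted baseline of each switch's running configuration with a freshly pulled copy and flag changes to local accounts and management services. The script below is an added example, not HPE tooling or code from the advisory. The function names are hypothetical, the line patterns are assumptions modelled on AOS-CX running-config syntax, and both sample configurations are constructed.

```python
import re

# Assumed line shapes, modelled on AOS-CX running-config output.
USER_RE = re.compile(r"^user (\S+) group \S+ password ciphertext (\S+)$")
MGMT_RE = re.compile(r"^(ssh server|https-server) vrf (\S+)$")

def parse(config):
    """Return ({user: ciphertext}, {(service, vrf)}) parsed from config text."""
    users, services = {}, set()
    for line in config.splitlines():
        line = line.strip()
        if m := USER_RE.match(line):
            users[m.group(1)] = m.group(2)
        elif m := MGMT_RE.match(line):
            services.add((m.group(1), m.group(2)))
    return users, services

def findings(baseline, current):
    """Compare a trusted baseline with a freshly pulled configuration."""
    old_users, old_svc = parse(baseline)
    new_users, new_svc = parse(current)
    out = []
    for name, secret in sorted(new_users.items()):
        if name not in old_users:
            out.append(("user-added", name))
        elif old_users[name] != secret:
            # A changed hash with no change ticket behind it matches the
            # password-reset outcome this advisory describes.
            out.append(("password-changed", name))
    out += [("user-removed", n) for n in sorted(old_users.keys() - new_users.keys())]
    out += [("mgmt-service-added", f"{s} vrf {v}") for s, v in sorted(new_svc - old_svc)]
    return out

# Constructed sample configurations (not taken from a real device).
BASELINE = """\
user admin group administrators password ciphertext AQBapEXAMPLEold
user netops group operators password ciphertext AQBapEXAMPLEops
ssh server vrf mgmt
https-server vrf mgmt
"""
CURRENT = """\
user admin group administrators password ciphertext AQBapEXAMPLEnew
user netops group operators password ciphertext AQBapEXAMPLEops
user support group administrators password ciphertext AQBapEXAMPLEsup
ssh server vrf mgmt
ssh server vrf default
https-server vrf mgmt
"""

if __name__ == "__main__":
    print(*findings(BASELINE, CURRENT), sep="\n")
```

Each finding should be reconciled against change records. The baseline itself must be stored off the device, since a switch that has been taken over cannot vouch for its own history.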




