cbcvebase.
CVE-2026-23809
published 2026-03-04

CVE-2026-23809: A technique has been identified that adapts a known port-stealing method to Wi-Fi environments that use multiple BSSIDs. By leveraging the relationship between…

PriorityP338high7.6CVSS 3.1
AVAACLPRNUINSUCLILAH
EPSS
0.26%
17.3th percentile
A technique has been identified that adapts a known port-stealing method to Wi-Fi environments that use multiple BSSIDs. By leveraging the relationship between BSSIDs and their associated virtual ports, an attacker could potentially bypass inter-BSSID isolation controls. Successful exploitation may enable an attacker to redirect and intercept the victim's network traffic, potentially resulting in eavesdropping, session hijacking, or denial of service.

Affected

12 ranges
VendorProductVersion rangeFixed in
arubanetworksarubaos
arubanetworksarubaos10.3.0.0 – 10.4.1.10
arubanetworksarubaos10.5.0.0 – 10.7.2.2
arubanetworksarubaos6.5.4.0 – 8.10.0.21
arubanetworksarubaos8.11.0.0 – 8.12.0.6
arubanetworksarubaos8.13.0.0 – 8.13.1.1
hewlett_packard_enterprisehpe_aruba_networking_wireless_operating_system
hewlett_packard_enterprisehpe_aruba_networking_wireless_operating_system10.4.0.0 – 10.4.1.10
hewlett_packard_enterprisehpe_aruba_networking_wireless_operating_system10.7.0.0 – 10.7.2.2
hewlett_packard_enterprisehpe_aruba_networking_wireless_operating_system8.10.0.0 – 8.10.0.21
hewlett_packard_enterprisehpe_aruba_networking_wireless_operating_system8.12.0.0 – 8.12.0.6
hewlett_packard_enterprisehpe_aruba_networking_wireless_operating_system8.13.0.0 – 8.13.1.1
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.