Vulnerability Description
A vulnerability has been identified in the wireless encryption handling of Wi-Fi transmissions. A malicious actor can generate shared-key authenticated transmissions containing targeted payloads while impersonating the identity of a primary BSSID.Successful exploitation allows for the delivery of tampered data to specific endpoints, bypassing standard cryptographic separation.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Arubanetworks | Arubaos | >= 6.5.4.0, <= 8.10.0.21 |
| Arubanetworks | 7010 | - |
| Arubanetworks | 7030 | - |
| Arubanetworks | 7205 | - |
| Arubanetworks | 7210 | - |
| Arubanetworks | 7220 | - |
| Arubanetworks | 7240Xm | - |
| Arubanetworks | 7280 | - |
| Arubanetworks | 9004 | - |
| Arubanetworks | 9004-Lte | - |
| Arubanetworks | 9012 | - |
| Arubanetworks | 9106 | - |
| Arubanetworks | 9114 | - |
| Arubanetworks | 9240 | - |
| Arubanetworks | Ap-634 | - |
| Arubanetworks | Ap-635 | - |
| Arubanetworks | Ap-654 | - |
| Arubanetworks | Ap-655 | - |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2026-23601?
CVE-2026-23601 is a vulnerability with a CVSS score of 5.4 (MEDIUM). A vulnerability has been identified in the wireless encryption handling of Wi-Fi transmissions. A malicious actor can generate shared-key authenticated transmissions containing targeted payloads while...
How severe is CVE-2026-23601?
CVE-2026-23601 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-23601?
Check the references section above for vendor advisories and patch information. Affected products include: Arubanetworks Arubaos, Arubanetworks 7010, Arubanetworks 7030, Arubanetworks 7205, Arubanetworks 7210.