CVE-2026-23816
Published: 11 March 2026
Summary
CVE-2026-23816 is a high-severity OS Command Injection (CWE-78) vulnerability in Hpe (inferred from references). Its CVSS base score is 7.2 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Network Device CLI (T1059.008); ranked at the 36.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 CM-7 (Least Functionality) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2026-23816 is a vulnerability in the command line interface of AOS-CX Switches that could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system. Classified under CWE-78 (OS Command Injection), it received a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) upon publication on March 11, 2026.
The vulnerability can be exploited by an authenticated remote attacker possessing high privileges, such as an administrative user, over the network with low attack complexity and no user interaction required. Successful exploitation enables the attacker to achieve high impacts on confidentiality, integrity, and availability, potentially granting full control over the underlying operating system.
HPE has published a security advisory providing details on the vulnerability and mitigation measures at https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-11077
Vulnerability details
A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
OS command injection in network device CLI directly enables arbitrary command execution via T1059.008.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires validation and sanitization of CLI inputs to block OS command injection attempts that exploit this CVE.
Enforces disabling or restricting unnecessary CLI commands and OS-level execution paths that enable the arbitrary command execution in this vulnerability.
Mandates timely application of vendor patches that remediate the OS command injection flaw described in the CVE.