CVE-2026-44855
Published: 12 May 2026
Summary
CVE-2026-44855 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Arubanetworks Arubaos. Its CVSS base score is 7.2 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 27.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-29805
Vulnerability details
Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the…
more
affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Authenticated admin CLI access to management services with stack buffer overflow (CWE-121) directly enables local privilege escalation via arbitrary code execution on the OS.
CVEs Like This One
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.