CVE-2026-44856
Published: 12 May 2026
Summary
CVE-2026-44856 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Arubanetworks Arubaos. Its CVSS base score is 7.2 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 27.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-29806
Vulnerability details
Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the…
more
affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow in management CLI services directly enables local privilege escalation to execute arbitrary code with elevated OS privileges (T1068).
CVEs Like This One
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.