CVE-2026-23599

Summary

A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking ClearPass OnGuard Software for Linux. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges.

Affected Software

VendorProductVersion RangeStatus
Hewlett Packard Enterprise (HPE)HPE Aruba Networking ClearPass Policy Manager6.12.0 <= 6.12.7affected
Hewlett Packard Enterprise (HPE)HPE Aruba Networking ClearPass Policy Manager6.11.0 <= 6.11.13affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References