Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.4
Wi-Fi Encryption Handling Flaw Allows Data Tampering
CVE-2026-23601
Summary
A vulnerability in how Wi-Fi encryption handles certain types of data transmissions could allow an attacker to intercept and modify sensitive information sent over a network, potentially leading to data breaches. This issue affects systems using shared-key authentication. To protect your network, ensure you are running the latest software updates and consider using WPA3 encryption if possible.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| arubanetworks | arubaos | > 6.5.4.0 , <= 8.10.0.21 | – |
| arubanetworks | arubaos | > 8.11.0.0 , <= 8.12.0.6 | – |
| arubanetworks | arubaos | > 8.13.0.0 , <= 8.13.1.1 | – |
| arubanetworks | arubaos | > 10.3.0.0 , <= 10.4.1.10 | – |
| arubanetworks | arubaos | > 10.5.0.0 , <= 10.7.2.2 | – |
| arubanetworks | arubaos | 10.8.0.0 | – |
Original title
A vulnerability has been identified in the wireless encryption handling of Wi-Fi transmissions. A malicious actor can generate shared-key authenticated transmissions containing targeted payloads wh...
Original description
A vulnerability has been identified in the wireless encryption handling of Wi-Fi transmissions. A malicious actor can generate shared-key authenticated transmissions containing targeted payloads while impersonating the identity of a primary BSSID.Successful exploitation allows for the delivery of tampered data to specific endpoints, bypassing standard cryptographic separation.
nvd CVSS3.1
5.4
Vulnerability type
CWE-327
Use of a Broken Cryptographic Algorithm
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026