7.6
Wi-Fi Port Stealing Technique Bypasses Network Isolation
CVE-2026-23809
Summary
Wi-Fi deployments that use multiple BSSIDs may be vulnerable to a technique that allows an attacker to intercept and redirect a victim's network traffic, potentially leading to eavesdropping, session hijacking, or denial of service for legitimate users. This vulnerability affects networks that use multiple BSSIDs to isolate traffic between access points. To protect your network, ensure that you have implemented robust isolation controls between BSSIDs and consider upgrading your Wi-Fi infrastructure to the latest software and security patches.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| arubanetworks | arubaos | > 6.5.4.0, <= 8.10.0.21 | – |
| arubanetworks | arubaos | > 8.11.0.0, <= 8.12.0.6 | – |
| arubanetworks | arubaos | > 8.13.0.0, <= 8.13.1.1 | – |
| arubanetworks | arubaos | > 10.3.0.0, <= 10.4.1.10 | – |
| arubanetworks | arubaos | > 10.5.0.0, <= 10.7.2.2 | – |
| arubanetworks | arubaos | 10.8.0.0 | – |
Original title
A technique has been identified that adapts a known port-stealing method to Wi-Fi environments that use multiple BSSIDs. By leveraging the relationship between BSSIDs and their associated virtual p...
Original description
A technique has been identified that adapts a known port-stealing method to Wi-Fi environments that use multiple BSSIDs. By leveraging the relationship between BSSIDs and their associated virtual ports, an attacker could potentially bypass inter-BSSID isolation controls. Successful exploitation may enable an attacker to redirect and intercept the victim's network traffic, potentially resulting in eavesdropping, session hijacking, or denial of service.
NVD CVSS 3.1
5.4
Vulnerability type
CWE-400
Uncontrolled Resource Consumption
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026