HPE Aruba Networking Product Security Advisory
===============================
Advisory ID: HPESBNW05012
CVE: CVE-2026-23599
Publication Date: 2026-Feb-17
Status: Confirmed
Severity: High
Revision: 1

Title
=====
Local Privilege Escalation Vulnerability in HPE Aruba Networking ClearPass
Policy Manager (CPPM) OnGuard Software for Linux

Overview
========
HPE Aruba Networking has released updates to the ClearPass Policy Manager
OnGuard Software for Linux to address a local privilege escalation
vulnerability.

Affected Products
=================
This vulnerability affects HPE Aruba Networking ClearPass Policy Manager
OnGuard for Linux running the following software versions unless
specifically noted otherwise in the details section:

HPE Aruba Networking ClearPass Policy Manager
  - 6.12.x: ClearPass 6.12.7 and below
  - 6.11.x: ClearPass 6.11.13 and below

HPE Aruba Networking ClearPass Policy Manager software versions that have
reached end of life are affected by the disclosed vulnerability unless
otherwise indicated.

Unaffected Products
===================
Any other HPE Aruba Networking products not specifically listed above are
not affected by this vulnerability.

Details
=======
Local Privilege Escalation Vulnerability in HPE Aruba Networking ClearPass
Policy Manager OnGuard for Linux (CVE-2026-23599)
-------------------------------------------------------------------------
A local privilege-escalation vulnerability has been discovered in the HPE
Aruba Networking ClearPass OnGuard Software for Linux. Successful
exploitation of this vulnerability could allow a local attacker to achieve
arbitrary code execution with root privileges.

Internal references: VULN-207
Severity: High
CVSS v3.1 Base Score: 7.8
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Discovery: This vulnerability was internally discovered and reported by
the Engineering team of HPE Aruba Networking.

Resolution
==========
Upgrade HPE Aruba Networking ClearPass Policy Manager to one of the
following versions to remediate the vulnerability noted in the Details
section.

HPE Aruba Networking ClearPass Policy Manager
  - 6.12.x: ClearPass 6.12.7 Hotfix Patch for CVE-2026-23599 and above
  - 6.11.x: ClearPass 6.11.13 Hotfix Patch for CVE-2026-23599 and above

Software versions with resolution/fixes for the vulnerability covered above
can be downloaded from the HPE Networking Support Portal at
https://networkingsupport.hpe.com/downloads;fileTypes=SOFTWARE.

Supported versions as of the publication date of this advisory are:
  - HPE Aruba Networking ClearPass Policy Manager 6.12.x
  - HPE Aruba Networking ClearPass Policy Manager 6.11.x

HPE Aruba Networking does not evaluate or patch software branches that have
reached their End of Maintenance (EoM) milestone. For more information
about HPE Aruba Networking End of Life policy please visit:
https://www.hpe.com/psnow/doc/a00143052enw

Workaround
==========
To minimize the likelihood of an attacker exploiting this vulnerability,
HPE Aruba Networking recommends that the web-based management interfaces be
restricted to a dedicated layer 2 segment/VLAN and/or controlled by
firewall policies at layer 3 and above.

You may contact HPE Services Aruba Networking for any configuration
assistance if needed.

HPE Aruba Networking ClearPass Policy Manager Security Hardening
===========================================
For general information on hardening HPE Aruba Networking ClearPass Policy
Manager instances against security threats please see the ClearPass Policy
Manager Hardening Guide.

HPE Aruba Networking ClearPass Policy Manager Hardening Guides
  - For the 6.12.x branch, the Hardening Guide is available at
    https://arubanetworking.hpe.com/techdocs/ClearPass/6.12/PolicyManager/Content/Hardening/Introduction.htm
  - For the 6.11.x branch, the Hardening Guide is available at
    https://arubanetworking.hpe.com/techdocs/ClearPass/6.11/PolicyManager/Content/Hardening/Introduction.htm

Exploitation and Public Discussion
==================================
HPE Aruba Networking is not aware of any public discussion or exploit code
that targets the local privilege escalation vulnerability as of the release
date of this advisory.

Revision History
================
Revision 1 / 2026-Feb-17 / Initial release

HPE Aruba Networking SIRT Security Procedures
==============================
Complete information on reporting security vulnerabilities in HPE Aruba
Networking products and obtaining assistance with security incidents is
available at:
https://www.hpe.com/support/security-response-policy

For reporting *NEW* HPE Aruba Networking security issues, email can be sent
to aruba-sirt(at)hpe.com. For sensitive information we encourage the use of
PGP encryption. Our public keys can be found at:
https://www.hpe.com/info/psrt-pgp-key

(c) Copyright 2026 by Hewlett Packard Enterprise Development LP.
This advisory may be redistributed freely after the release date given at
the top of the text, provided that the redistributed copies are complete
and unmodified, including all data and version information.