CVE-2026-23601
Frame Injection via Shared GTK Allows Traffic Spoofing and Client Compromise
A vulnerability has been identified in the wireless encryption handling of Wi-Fi transmissions. A malicious actor can generate shared-key authenticated transmissions containing targeted payloads while impersonating the identity of a primary BSSID.Successful exploitation allows for the delivery of tampered data to specific endpoints, bypassing standard cryptographic separation.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Productos afectados
Hewlett Packard Enterprise (HPE) · HPE Aruba Networking Wireless Operating System (AOS-10 & AOS-8)¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →