HPE Aruba Networking has issued a security bulletin on June 2, 2026, alerting that a vulnerability in its ArubaOS‑CX operating system could enable attackers to bypass security policies. The flaw, identified as CVE‑2024‑39894, affects all ArubaOS‑CX releases older than 10.10.1160, 10.13.1090, 10.15.1010 and 10.16.1010. An attacker who exploits the weakness can potentially circumvent the device’s security controls, compromising network integrity. Users of affected firmware are advised to consult the vendor’s security bulletin for patches and upgrade guidance. The notification was issued by the French national cyber security agency, with the full report available at the Aruba Networks CSAF site.
Summary of content from
Made by AI. If you spot anything of concern write us at contact@cybach.com. We’ll promptly correct irregularities.