HPE Aruba Networking AOS-CX software on CX-series switches contains a critical authentication bypass (CVE-2026-23813, CVSS 9.8) that allows a remote, unauthenticated attacker to reset the administrative password and gain full device control. Successful exploitation could enable traffic interception, network segmentation bypass, or lateral movement. The CVE is not currently listed in CISA’s KEV catalog and carries a low EPSS score (0.05th percentile), but the attack profile (no authentication, no user interaction, CVSS 9.8) warrants immediate patch assessment. Consult the official HPE security advisory for confirmed affected AOS-CX version ranges, restrict management interface access to trusted networks if patching cannot occur immediately, and audit admin-level event logs for unexpected password reset events.
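
The log audit recommended above, as an added example (not HPE's code and not part of the original advisory text): it flags admin password resets that originate outside the trusted management networks or that have no preceding successful login from the same source. The key=value event format, host names, addresses, `TRUSTED_MGMT` and `SESSION_WINDOW` are constructed assumptions, not the native AOS-CX log format; map your collector's fields onto them.

```python
import ipaddress
import re
from datetime import datetime, timedelta

# Assumption: trusted management networks (constructed value).
TRUSTED_MGMT = [ipaddress.ip_network("10.20.0.0/24")]
SESSION_WINDOW = timedelta(minutes=30)  # assumption: max age of a login that explains a reset

# Constructed, normalized key=value events; NOT the native AOS-CX log format.
SAMPLE_LOG = """\
2026-03-02T09:00:11Z host=sw-core-01 event=login_success user=admin src=10.20.0.15
2026-03-02T09:04:40Z host=sw-core-01 event=password_reset user=admin src=10.20.0.15
2026-03-02T23:17:02Z host=sw-core-01 event=password_reset user=admin src=198.51.100.23
2026-03-03T02:41:55Z host=sw-edge-07 event=password_reset user=admin src=10.20.0.44
"""

LINE_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<kv>.+)$")

def parse(line):
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ev = dict(p.split("=", 1) for p in m.group("kv").split() if "=" in p)
    ev["ts"] = datetime.strptime(m.group("ts"), "%Y-%m-%dT%H:%M:%SZ")
    return ev

def audit(log_text):
    last_login = {}  # (host, user, src) -> time of last successful login
    findings = []
    for ev in filter(None, map(parse, log_text.splitlines())):
        key = (ev.get("host"), ev.get("user"), ev.get("src"))
        if ev.get("event") == "login_success":
            last_login[key] = ev["ts"]
        elif ev.get("event") == "password_reset":
            reasons = []
            src = ipaddress.ip_address(ev["src"])
            if not any(src in net for net in TRUSTED_MGMT):
                reasons.append("source outside trusted management networks")
            seen = last_login.get(key)
            if seen is None or ev["ts"] - seen > SESSION_WINDOW:
                reasons.append("no preceding successful login from this source")
            if reasons:
                findings.append((ev["ts"].isoformat(), ev["host"], ev["src"], reasons))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(finding)
```

A reset from a trusted address still gets flagged when no login precedes it, which is the pattern an unauthenticated password reset would leave behind.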