A high-severity privilege escalation vulnerability affecting multiple HPE storage platforms could allow a remote, low-privileged attacker to gain administrative access with no user interaction.
The flaw, tracked as CVE-2026-23594, impacts HPE Alletra 6000, Alletra 5000, and Nimble Storage arrays running vulnerable firmware versions.
The vulnerability exists in specific configurations of the affected storage operating systems and enables remote privilege elevation when exploited.
With a CVSS v3.1 base score of 8.8 (High), the flaw has low attack complexity and requires only low privileges (PR:L): an attacker needs some authenticated, non-administrative foothold on the array but nothing more, a realistic starting point in enterprise environments where storage management interfaces are reachable over the network.
| CVE ID | CVSS 3.1 Vector | CVSS Score | Severity | Impact Type | Attack Vector |
|---|---|---|---|---|---|
| CVE-2026-23594 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 8.8 | High | Remote Privilege Elevation | Network |
According to HPE’s security bulletin HPESBST04995, successful exploitation grants attackers high impact across confidentiality, integrity, and availability, effectively providing complete system compromise.
The attack vector is network-based with no user interaction required, allowing threat actors to escalate from limited user accounts to complete administrative control.
Affected Products and Versions
The vulnerability affects multiple HPE storage product lines running Array OS versions before the patched releases.
Organizations using the following platforms should prioritize remediation:
| Product | Affected Versions |
|---|---|
| HPE Alletra 6000 | Earlier than 6.1.2.800; 6.1.3 releases earlier than 6.1.3.300 |
| HPE Alletra 5000 | Earlier than 6.1.2.800; 6.1.3 releases earlier than 6.1.3.300 |
| Nimble Storage Hybrid Flash | Earlier than 6.1.2.800; 6.1.3 releases earlier than 6.1.3.300 |
| Nimble Storage All Flash | Earlier than 6.1.2.800; 6.1.3 releases earlier than 6.1.3.300 |
HPE released security patches on January 20, 2026, to address the privilege escalation flaw.
Administrators should immediately upgrade vulnerable arrays to the fixed release for their train: Alletra OS 6.1.2.800 for the 6.1.2 train, or Alletra OS 6.1.3.300 for the 6.1.3 train.
The patches eliminate the configuration weakness that allowed privilege escalation, restoring proper access controls within the storage management interface.
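Because the fix lands in two separate release trains, a simple "is my version newer than X" check gets this wrong: 6.1.3.299 is numerically above 6.1.2.800 yet still vulnerable. The following is an added example (not HPE tooling) that applies the bulletin's fixed versions train by train to an inventory of version strings. The inventory, array names and the `-<build>-opt` suffix format are constructed for illustration; trains the page's table does not clearly cover (anything outside 6.1.2 and 6.1.3) are reported as "unknown" so they go to manual review against the bulletin rather than being silently passed.

```python
"""Triage Alletra OS / Array OS versions against the fixed releases for
CVE-2026-23594 (HPESBST04995).

Added example, not HPE code. Fixed versions come from the advisory as
reported above; the sample inventory is constructed, and stripping a
'-<build>' suffix is an assumption about how arrays report their version.
"""
import re

# Fixed release per train, from the advisory: anything in the same train
# below the fixed build is vulnerable.
FIXED_BY_TRAIN = {
    (6, 1, 2): (6, 1, 2, 800),
    (6, 1, 3): (6, 1, 3, 300),
}

_VERSION_RE = re.compile(r"^(\d+(?:\.\d+){1,3})")


def parse_version(text):
    """Return the numeric part of a version string as a tuple of ints.

    'v6.1.2.750-1234567-opt' -> (6, 1, 2, 750). A leading 'v' and anything
    after the first '-' are dropped (assumed reporting format)."""
    text = text.strip()
    if text.lower().startswith("v"):
        text = text[1:]
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def assess(version_text):
    """Classify one array as 'vulnerable', 'fixed' or 'unknown'.

    'unknown' means the train is not in the advisory table above; it must
    be checked by hand, not treated as safe."""
    v = parse_version(version_text)
    fixed = FIXED_BY_TRAIN.get(v[:3])
    if fixed is None:
        return "unknown"
    # Tuple comparison also handles short strings: (6, 1, 2) < (6, 1, 2, 800).
    return "vulnerable" if v < fixed else "fixed"


def triage(inventory):
    """inventory: iterable of (array_name, version_text).

    Returns {status: sorted array names}, ready to hand the 'vulnerable'
    list to the change-management queue."""
    result = {"vulnerable": [], "fixed": [], "unknown": []}
    for name, version_text in inventory:
        result[assess(version_text)].append(name)
    return {k: sorted(v) for k, v in result.items()}


# Constructed sample inventory (hypothetical names and versions).
SAMPLE_INVENTORY = [
    ("alletra6k-prod-01", "6.1.2.750-1234567-opt"),   # 6.1.2 train, below fix
    ("alletra6k-prod-02", "6.1.2.800"),               # exactly the fixed build
    ("alletra5k-dr-01", "6.1.3.299"),                 # above 6.1.2.800, still vulnerable
    ("nimble-hf-lab-01", "6.1.3.300-2345678-opt"),    # fixed build with suffix
    ("nimble-af-legacy-01", "6.0.0.400"),             # train not in the table
]

if __name__ == "__main__":
    for status, names in triage(SAMPLE_INVENTORY).items():
        print(f"{status:10s} {', '.join(names) or '-'}")
```

The 6.1.3.299 entry is the case worth noticing: a plain numeric comparison against the lowest fixed version would mark it as patched.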
Enterprise storage systems frequently contain business-critical data and serve as single points of failure for production environments.
Unauthorized administrative access could enable attackers to exfiltrate sensitive information, deploy ransomware, or disrupt storage operations across entire data centers.
Organizations should treat this vulnerability as a high priority and deploy patches in accordance with their change management procedures.
HPE recommends that customers apply third-party security patches in accordance with established patch management policies and contact HPE Services support for assistance with implementation.
