
[CIVN-2026-0043] Multiple Vulnerabilities in HPE Aruba Networking AOS
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Multiple Vulnerabilities in HPE Aruba Networking AOS
Indian Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: HIGH
Systems Affected
HPE (Hewlett Packard Enterprise) Aruba Networking Mobility Conductors, Controllers and WLAN and SD-WAN Gateways
HPE AOS (Aruba OS) 10.7.2.1 and below
HPE AOS 10.4.1.9 and below
HPE AOS 8.13.1.0 and below
HPE AOS 8.10.0.20 and below
All HPE AOS-10.6.x.x versions
All HPE AOS-10.5.x.x versions
All HPE AOS-10.3.x.x versions
All HPE AOS-8.12.x.x versions
All HPE AOS-8.11.x.x versions
All HPE AOS-8.9.x.x versions
All HPE AOS-8.8.x.x versions
All HPE AOS-8.7.x.x versions
All HPE AOS-8.6.x.x versions
All HPE AOS-6.5.4.x versions
All HPE SD-WAN 8.7.0.0-2.3.0.x versions
All HPE SD-WAN 8.6.0.4-2.2.x.x versions
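For an inventory check against the list above, the following Python script (an added example, not part of the CERT-In advisory) encodes the HPE AOS entries and classifies a version string as inside or outside the listed ranges; the two SD-WAN entries use a different version format and are deliberately left out, and the host names and versions in the sample run are constructed.

```python
"""Classify an AOS version against the "Systems Affected" list of
CIVN-2026-0043. Added example; not part of the CERT-In advisory.
Only HPE AOS entries are encoded; the SD-WAN entries are not handled."""
from typing import Tuple

# Branches with a fixed release: affected when version <= listed value.
AFFECTED_UP_TO = {
    (10, 7): (10, 7, 2, 1),
    (10, 4): (10, 4, 1, 9),
    (8, 13): (8, 13, 1, 0),
    (8, 10): (8, 10, 0, 20),
}

# Branches the advisory lists as affected in their entirety.
ALL_AFFECTED_BRANCHES = {
    (10, 6), (10, 5), (10, 3),
    (8, 12), (8, 11), (8, 9), (8, 8), (8, 7), (8, 6),
}

def parse_version(text: str) -> Tuple[int, ...]:
    """'8.13.1' -> (8, 13, 1, 0): pad to four fields so that a short
    version string compares correctly against the listed ceilings."""
    parts = tuple(int(p) for p in text.strip().split("."))
    if not 2 <= len(parts) <= 4:
        raise ValueError(f"unexpected AOS version format: {text!r}")
    return parts + (0,) * (4 - len(parts))

def aos_status(version: str) -> str:
    """Return 'affected', 'not affected' or 'not listed'.
    'not listed' means the branch is absent from the advisory's list,
    which is not a clean bill of health: check the vendor advisory."""
    v = parse_version(version)
    branch = v[:2]
    if branch == (6, 5) and v[2] == 4:            # all AOS 6.5.4.x
        return "affected"
    if branch in ALL_AFFECTED_BRANCHES:
        return "affected"
    if branch in AFFECTED_UP_TO:
        return "affected" if v <= AFFECTED_UP_TO[branch] else "not affected"
    return "not listed"

if __name__ == "__main__":
    # Constructed sample inventory, not real device data.
    for host, ver in [("wlc-01", "8.10.0.20"), ("wlc-02", "8.10.0.21"),
                      ("gw-01", "10.7.2.1"), ("gw-02", "10.7.3.0"),
                      ("legacy", "6.5.4.12"), ("gw-03", "10.8.0.0")]:
        print(f"{host:8} {ver:10} {aos_status(ver)}")
```

A result of "not listed" (for example a 10.8.x or 6.5.3.x build) only means the branch does not appear in this advisory; the HPE advisory linked under Solution remains the authoritative source.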
Overview
Multiple vulnerabilities have been reported in HPE ArubaOS (AOS) which could allow an attacker to execute arbitrary code, inject commands, delete arbitrary files, trigger buffer and stack overflows and cause denial of service (DoS) conditions on the targeted systems.
Target Audience:
All organizations and individuals using HPE Aruba Networking AOS.
Risk Assessment:
High risks of system compromise and unauthorized access.
Impact Assessment:
Potential impact on confidentiality, integrity and availability of the system.
Description
1. Arbitrary File Deletion Vulnerability (CVE-2025-37168)
A vulnerability exists in a system function of mobility conductors running the AOS-8 operating system due to missing authorization checks. An attacker could exploit this vulnerability by sending a specially crafted request to the system. Successful exploitation of this vulnerability could allow the attacker to delete arbitrary files and cause denial of service (DoS) conditions on affected devices.
2. Stack Overflow Vulnerability (CVE-2025-37169)
A vulnerability exists in the AOS-10 web-based management interface of a Mobility Gateway due to a boundary error. An attacker could exploit this vulnerability by sending a specially crafted request to the system.
Successful exploitation of this vulnerability could allow the attacker to trigger a stack-based buffer overflow and execute arbitrary code on the targeted system.
3. Command Injection Vulnerabilities (CVE-2025-37170, CVE-2025-37171, CVE-2025-37172)
These vulnerabilities exist in the web-based management interface of mobility conductors running the AOS-8 operating system due to improper input validation. An attacker could exploit these vulnerabilities by sending a specially crafted HTTP request to the system.
Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary commands on the targeted system.
4. Improper Input Handling Vulnerability (CVE-2025-37173)
A vulnerability exists in the web-based management interface of mobility conductors running either the AOS-10 or the AOS-8 operating system due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending specially crafted input to the system.
Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code and compromise the affected system.
5. Arbitrary File Write Vulnerability (CVE-2025-37174)
A vulnerability exists in the web-based management interface of mobility conductors running either the AOS-10 or the AOS-8 operating system due to insufficient validation of files during file upload.
Successful exploitation of this vulnerability could allow the attacker to create or modify arbitrary files and execute arbitrary commands on the targeted system.
6. Arbitrary File Upload Vulnerability (CVE-2025-37175)
A vulnerability exists in the web-based management interface of mobility conductors running either the AOS-10 or the AOS-8 operating system due to insufficient validation of files during file upload.
Successful exploitation of this vulnerability could allow the attacker to upload a malicious file and execute it on the affected system.
7. Command Injection Vulnerability (CVE-2025-37176)
A vulnerability exists in AOS-8 due to improper input validation. An attacker could exploit this vulnerability by altering a package header.
Successful exploitation of this vulnerability could allow the attacker to execute arbitrary commands on the targeted system.
8. Arbitrary File Deletion Vulnerability (CVE-2025-37177)
A vulnerability exists in the command line interface of mobility conductors running either the AOS-10 or the AOS-8 operating system due to improper input validation.
Successful exploitation of this vulnerability could allow the attacker to delete arbitrary files of the affected system.
9. Out-of-Bounds Read Vulnerabilities (CVE-2025-37178, CVE-2025-37179)
These vulnerabilities exist in a system component responsible for handling certain data buffers due to insufficient validation of maximum buffer size values. An attacker could exploit these vulnerabilities by sending specially crafted data to the system.
Successful exploitation of these vulnerabilities could allow the attacker to cause denial of service (DoS) conditions on the affected system.
Solution
Apply the appropriate updates as mentioned in the HPE Aruba advisory:
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04987en_us&docLocale=en_US
Vendor Information
HPE
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04987en_us&docLocale=en_US
References
HPE
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04987en_us&docLocale=en_US
CVE Name
CVE-2025-37168
CVE-2025-37169
CVE-2025-37170
CVE-2025-37173
CVE-2025-37174
CVE-2025-37175
CVE-2025-37176
CVE-2025-37177
CVE-2025-37178
CVE-2025-37171
CVE-2025-37172
CVE-2025-37179
--
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax : 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003


