CVE-2025-37125 | THREATINT

Description

A broken access control vulnerability exists in HPE Aruba Networking EdgeConnect OS (ECOS). Successful exploitation could allow an attacker to bypass firewall protections, potentially leading to unauthorized traffic being handled improperly

PUBLISHED Reserved 2025-04-16 | Published 2025-09-16 | Updated 2025-09-17 | Assigner hpe

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Product status

Default status

affected

9.5.0.0 (semver)

affected

9.4.0.0 (semver)

affected

Credits

Unknown contributor reporter

References

support.hpe.com/...y?docId=hpesbnw04943en_us&docLocale=en_US

cve.org (CVE-2025-37125)

nvd.nist.gov (CVE-2025-37125)

Download JSON