CVE-2025-37128

Authenticated Arbitrary Process Termination allows potential System Disruption in ECOS

CVSS 6.8 MEDIUMEPSS 0.3%CWE-250

A vulnerability in the web API of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to terminate arbitrary running processes. Successful exploitation could allow an attacker to disrupt system operations, potentially resulting in an unstable system state.

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H

Produtos afetados

Hewlett Packard Enterprise (HPE) · HPE Aruba Networking EdgeConnect SD-WAN Gateway

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04943en_us&docLocale=en_US