VDB
CVE-2025-37179
CVE-2025-37179
PUBLISHED
CVSS 5.300000190734863 MEDIUM
Multiple out-of-bounds read vulnerabilities were identified in a system component responsible for handling certain data buffers. Due to insufficient validation of maximum buffer size values, the process may attempt to read beyond the intended memory region. Under specific conditions, this can result in a crash of the affected process and a potential denial-of-service of the compromised process.
EPSS 0.08% · 23.6th percentile
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS Score
0.08%
23.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | 8.12.0.0, 8.10.0.0, 8.12.0.0 |
| arubanetworks | arubaos | 8.6.0.0, 8.11.0.0, 8.6.0.0 |
Exploit Intelligence
Timeline
- Jan 13, 2026 CVE Published
- Jan 14, 2026 EPSS Score
- Jan 17, 2026 EPSS Score
- Jan 20, 2026 EPSS Score
- Jan 23, 2026 EPSS Score
- Jan 23, 2026 CVE Updated
- Jan 26, 2026 EPSS Score
- Jan 29, 2026 EPSS Score
- Feb 1, 2026 EPSS Score
- Feb 4, 2026 EPSS Score
- Feb 7, 2026 EPSS Score
- Feb 10, 2026 EPSS Score
References
- https://csaf.arubanetworks.com/2026/hpe_aruba_networking_-_hpesbnw04987.txt advisory
- https://csaf.arubanetworks.com/2026/hpe_aruba_networking_-_hpesbnw04994.txt advisory
- https://csaf.arubanetworks.com/2026/hpe_aruba_networking_-_hpesbnw04988.txt advisory
- https://csaf.arubanetworks.com/2026/hpe_aruba_networking_-_hpesbnw04992.txt advisory
- https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04987en_us&docLocale=en_US url
- https://nvd.nist.gov/vuln/detail/CVE-2025-37179 advisory