HPE Aruba Networking Product Security Advisory
=============================================
Advisory ID: HPESBNW04970
CVE: CVE-2025-37161, CVE-2025-37162
Publication Date: 2025-NOV-18
Status: Confirmed
Severity: High
Revision: 1

Title
=====
HPE Aruba Networking 100 Series Cellular Bridge, Multiple
Vulnerabilities

Overview
========
HPE Aruba Networking has released software updates for the 100 Series
Cellular Bridge that address multiple security vulnerabilities.

Affected Products
=================
HPE Aruba Networking 100 Series Cellular Bridge version(s):
- AOS-10.7.1.x: 10.7.1.1 and below

HPE Aruba Networking bridge software versions that are end of
maintenance are affected by these vulnerabilities unless otherwise
indicated.

Unaffected Products
=================
Any other HPE Aruba Networking products and software versions not
specifically listed above are not affected by these vulnerabilities.

Details
=======
Unauthenticated Remote Denial-of-Service (DoS) Vulnerability in Web
Management Interface (CVE-2025-37161)
-----------------------------------------------------------------
A vulnerability in the web-based management interface of affected
products could allow an unauthenticated remote attacker to cause a
denial of service. Successful exploitation could allow an attacker to
crash the system, preventing it from rebooting without manual
intervention and disrupting network operations.

Internal References: ATLWL-555
Severity: High
CVSS v3.1 Base Score: 7.5
CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Discovery: This vulnerability was discovered and reported by Nicholas
Starke from HPE Aruba Networking SIRT.

Authenticated Command Injection Vulnerability Leading to Arbitrary
Remote Command Execution (CVE-2025-37162)
-----------------------------------------------------------------
A vulnerability in the command line interface of affected devices
could allow an authenticated remote attacker to conduct a command
injection attack. Successful exploitation could allow an attacker to
execute arbitrary commands on the underlying operating system.

Internal References: ATLWL-551, ATLWL-554
Severity: Medium
CVSS v3.1 Base Score: 6.5
CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Discovery: This vulnerability was discovered and reported by Nicholas
Starke from HPE Aruba Networking SIRT.

Resolution
==========
To remediate the vulnerabilities described in the Details section
above, upgrade the HPE Aruba Networking 100 Series Cellular Bridge
firmware to the applicable version shown below:
- AOS-10.7.2.0 and above

Software versions with resolution/fixes for the vulnerabilities
covered above can be downloaded from the HPE Networking Support Portal
at https://networkingsupport.hpe.com/home/

HPE Aruba Networking does not evaluate or patch software branches that
have reached their End of Maintenance (EoM) milestone. For more
information about HPE Aruba Networking End of Life policy please
visit: https://www.hpe.com/psnow/doc/a00143052enw

Workaround
==========
To minimize the likelihood of an attacker exploiting these
vulnerabilities, HPE Aruba Networking recommends that the CLI and
web-based management interfaces be restricted to a dedicated layer 2
segment/VLAN and/or controlled by firewall policies at layer 3 and
above, along with accounting controls for tracking and logging user
activities and resource usage.

Exploitation and Public Discussion
==================================
HPE Aruba Networking is not aware of any public discussion or exploit
code that targets the vulnerabilities listed as of the release date of
this advisory.

Revision History
================
Revision 1 / 2025-NOV-18 / Initial release

HPE Aruba Networking SIRT Security Procedures
==============================
Complete information on reporting security vulnerabilities in HPE
Aruba Networking products and obtaining assistance with security
incidents is available at:
https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00100637en_us

For reporting *NEW* HPE Aruba Networking security issues, email can be
sent to aruba-sirt@hpe.com. For sensitive information we encourage the
use of PGP encryption. Our public keys can be found at:
https://www.hpe.com/info/psrt-pgp-key

(c) Copyright 2025 by Hewlett Packard Enterprise Development LP.
This advisory may be redistributed freely after the release date given
at the top of the text, provided that the redistributed copies are
complete and unmodified, including all data and version information.
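
Added example (not part of the HPE advisory): a firmware triage script that applies the version boundaries from the Affected Products and Resolution sections above to a device inventory. The inventory records, hostnames and firmware string formats are constructed assumptions; builds the advisory does not list explicitly are marked for manual review rather than guessed.

```python
import re

# Version boundaries taken from the advisory text.
AFFECTED_BRANCH = (10, 7, 1)     # "AOS-10.7.1.x"
AFFECTED_MAX = (10, 7, 1, 1)     # "10.7.1.1 and below"
FIXED_FROM = (10, 7, 2, 0)       # "AOS-10.7.2.0 and above"

VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return the first four-part dotted version in text as a tuple, or None."""
    match = VERSION_RE.search(text or "")
    return tuple(int(part) for part in match.groups()) if match else None


def classify(version_text):
    """Map a firmware string to (status, reason) for HPESBNW04970."""
    version = parse_version(version_text)
    if version is None:
        return "review", "version string not recognised"
    if version >= FIXED_FROM:
        return "fixed", "at or above AOS-10.7.2.0"
    if version[:3] == AFFECTED_BRANCH and version <= AFFECTED_MAX:
        return "affected", "AOS-10.7.1.x at or below 10.7.1.1"
    if version[:3] == AFFECTED_BRANCH:
        return "review", "10.7.1.x build not listed as affected or fixed"
    return "review", "older branch: affected if end of maintenance"


def triage(inventory):
    """Group (hostname, firmware) pairs by status."""
    result = {"affected": [], "fixed": [], "review": []}
    for hostname, firmware in inventory:
        status, reason = classify(firmware)
        result[status].append((hostname, firmware, reason))
    return result


# Constructed inventory: hostnames and firmware string formats are assumptions.
SAMPLE_INVENTORY = [
    ("bridge-01", "AOS-10.7.1.1"),
    ("bridge-02", "10.7.1.0_90001"),
    ("bridge-03", "10.7.2.0"),
    ("bridge-04", "10.6.0.3"),
    ("bridge-05", "unknown"),
]

if __name__ == "__main__":
    for status, rows in triage(SAMPLE_INVENTORY).items():
        for hostname, firmware, reason in rows:
            print(f"{status:8} {hostname:10} {firmware:16} {reason}")
```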