{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
      "text": "High"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "summary",
        "text": "HPE Aruba Networking has released a software patch for HPE Networking Instant On Access Points that addresses multiple security vulnerabilities.",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "HPE Networking Instant On Access Points running software version  \n\n    - 3.3.1.0 and below ",
        "title": "Affected Products"
      },
      {
        "category": "general",
        "text": "HPE Networking Instant On Switches\n\nAny other supported HPE Aruba Networking products and supported software versions that are not listed under the Affected Products section of this advisory",
        "title": "Unaffected Products"
      },
      {
        "category": "other",
        "text": "HPE Networking is not aware of any public discussion or exploit code targeting this specific vulnerability as of the release date of the advisory.",
        "title": "Exploitation and Public Discussion"
      },
      {
        "category": "general",
        "text": "Complete information on reporting security vulnerabilities in HPE Networking products and obtaining assistance with security incidents is available at:\nhttp://www.hpe.com/support/security-response-policy\n \nFor reporting NEW HPE Networking security issues, email can be sent to aruba-sirt@hpe.com. For sensitive information we encourage the use of PGP encryption. Our public keys can be found at: https://www.hpe.com/info/psrt-pgp-key ",
        "title": "Aruba SIRT Security Procedures"
      },
      {
        "category": "legal_disclaimer",
        "text": "(c) Copyright 2026 by Hewlett Packard Enterprise Development LP. This advisory may be redistributed freely after the release date given at the top of the text, provided that the redistributed copies are complete and unmodified, including all data and version information.",
        "title": "Legal Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "Email: aruba-sirt(at)hpe.com - For further details please see http://www.hpe.com/support/security-response-policy",
      "issuing_authority": "HPE Aruba Networking's Security Incident Response Team (SIRT) is responsible for receiving, tracking, managing, and disclosing vulnerabilities in HPE Aruba Networking products. The HPE Aruba Networking SIRT actively works with industry, non-profit, government organizations, and the security community when vulnerabilities are reported. A security vulnerability is defined as any weakness in a product that allows an attacker to compromise the confidentiality, integrity, or availability of a product, customer infrastructure, or IT system through an HPE Aruba Networking product in that environment.",
      "name": "HPE Networking",
      "namespace": "http://www.hpe.com/support/security-response-policy"
    },
    "references": [
      {
        "summary": "Original Advisory",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04988en_us&docLocale=en_US"
      },
      {
        "summary": "HPE Aruba Networking Security Advisory Archive",
        "url": "https://csaf.arubanetworking.hpe.com/"
      },
      {
        "summary": "HPE Aruba Networking Product Security Incident Response Policy",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00100637en_us"
      }
    ],
    "title": "HPE Networking Instant On Access Point Multiple Vulnerabilities",
    "tracking": {
      "current_release_date": "2026-01-13T17:00:00.000Z",
      "generator": {
        "date": "2026-01-12T22:06:52.807Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.42"
        }
      },
      "id": "HPESBNW04988",
      "initial_release_date": "2026-01-13T17:00:00.000Z",
      "revision_history": [
        {
          "date": "2026-01-13T17:00:00.000Z",
          "number": "1",
          "summary": "Initial Release"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "3.3.2.0",
                "product": {
                  "name": "Instant On ",
                  "product_id": "3.3.2.0"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/>=3.0.0.0|<=3.3.1.0",
                "product": {
                  "name": "Instant On ",
                  "product_id": ">=3.0.0.0|<=3.3.1.0"
                }
              }
            ],
            "category": "product_name",
            "name": "Instant On "
          }
        ],
        "category": "vendor",
        "name": "HPE Networking Instant On"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Daniel J. Blueman"
          ],
          "organization": "Quora.org",
          "summary": "This vulnerability was discovered and reported by Daniel J Blueman of Quora.org"
        }
      ],
      "cve": "CVE-2025-37165",
      "cwe": {
        "id": "CWE-798",
        "name": "Use of Hard-coded Credentials"
      },
      "notes": [
        {
          "category": "details",
          "text": "A vulnerability in the router mode configuration of HPE Instant On Access Points exposed certain network configuration details to unintended interfaces. A malicious actor could gain knowledge of internal network configuration details through inspecting impacted packets.",
          "title": "Details"
        },
        {
          "category": "other",
          "text": "ATLWL-563",
          "title": "Internal Reference"
        }
      ],
      "product_status": {
        "fixed": [
          "3.3.2.0"
        ],
        "known_affected": [
          ">=3.0.0.0|<=3.3.1.0"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-13T17:00:00.000Z",
          "details": "Upgrade to HPE Networking Instant On software version 3.3.2.0 or above.\n\nPlease note that Instant On devices started updating automatically during the week of December 10, 2025. No action is required from customers for this to occur, but manual upgrades may be triggered via the Instant On app or web portal after the release date.\n\nNote: These vulnerabilities affect HPE Networking Instant On Access Points only. HPE Networking Instant On Switches are not affected.\n\nHPE Aruba Networking does not evaluate or patch software branches that have reached their End of Support Life (EoSL) milestone.\n\nFor more information about the HPE Aruba Networking End of Support policy, visit: https://www.hpe.com/psnow/doc/a00143052enw",
          "product_ids": [
            "3.3.2.0"
          ],
          "url": "https://portal.instant-on.hpe.com/"
        },
        {
          "category": "workaround",
          "date": "2026-01-13T17:00:00.000Z",
          "details": "None",
          "product_ids": [
            ">=3.0.0.0|<=3.3.1.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            ">=3.0.0.0|<=3.3.1.0"
          ]
        }
      ],
      "title": "Exposure of VLAN information in unintended network interfaces"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Petr Chelmar"
          ],
          "organization": "GreyCortex",
          "summary": "This vulnerability was discovered and reported by Petr Chelmar of GreyCortex"
        }
      ],
      "cve": "CVE-2025-37166",
      "cwe": {
        "id": "CWE-798",
        "name": "Use of Hard-coded Credentials"
      },
      "notes": [
        {
          "category": "details",
          "text": "A vulnerability affecting HPE Networking Instant On Access Points has been identified where a device processing a specially crafted packet could enter a non-responsive state, in some cases requiring a hard reset to re-establish services. A malicious actor could leverage this vulnerability to conduct a Denial-of-Service attack on a target network.",
          "title": "Details"
        },
        {
          "category": "other",
          "text": "VULN-128",
          "title": "Internal Reference"
        }
      ],
      "product_status": {
        "fixed": [
          "3.3.2.0"
        ],
        "known_affected": [
          ">=3.0.0.0|<=3.3.1.0"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-13T17:00:00.000Z",
          "details": "Upgrade to HPE Networking Instant On software version 3.3.2.0 or above.\n\nPlease note that Instant On devices started updating automatically during the week of December 10, 2025. No action is required from customers for this to occur, but manual upgrades may be triggered via the Instant On app or web portal after the release date.\n\nNote: These vulnerabilities affect HPE Networking Instant On Access Points only. HPE Networking Instant On Switches are not affected.\n\nHPE Aruba Networking does not evaluate or patch software branches that have reached their End of Support Life (EoSL) milestone.\n\nFor more information about the HPE Aruba Networking End of Support policy, visit: https://www.hpe.com/psnow/doc/a00143052enw",
          "product_ids": [
            "3.3.2.0"
          ],
          "url": "https://portal.instant-on.hpe.com/"
        },
        {
          "category": "workaround",
          "date": "2026-01-13T17:00:00.000Z",
          "details": "None",
          "product_ids": [
            ">=3.0.0.0|<=3.3.1.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            ">=3.0.0.0|<=3.3.1.0"
          ]
        }
      ],
      "title": "Unexpected shutdown in HPE Instant On Access Points after processing specific packets"
    },
    {
      "acknowledgments": [
        {
          "organization": "HPE Networking",
          "summary": "These vulnerabilities were discovered by the HPE Instant On engineering team"
        }
      ],
      "cve": "CVE-2023-52340",
      "cwe": {
        "id": "CWE-798",
        "name": "Use of Hard-coded Credentials"
      },
      "notes": [
        {
          "category": "details",
          "text": "Multiple vulnerabilities in the underlying OS kernel of HPE Networking Instant On devices were identified and resolved upstream by kernel developers. These vulnerabilities primarily stemmed from the processing of IPv4 and IPv6 packets by the OS, which allowed the potential for Denial-of-Service and memory corruption during device operation.",
          "title": "Details"
        },
        {
          "category": "other",
          "text": "VULN-150",
          "title": "Internal Reference"
        }
      ],
      "product_status": {
        "fixed": [
          "3.3.2.0"
        ],
        "known_affected": [
          ">=3.0.0.0|<=3.3.1.0"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-13T17:00:00.000Z",
          "details": "Upgrade to HPE Networking Instant On software version 3.3.2.0 or above.\n\nPlease note that Instant On devices started updating automatically during the week of December 10, 2025. No action is required from customers for this to occur, but manual upgrades may be triggered via the Instant On app or web portal after the release date.\n\nNote: These vulnerabilities affect HPE Networking Instant On Access Points only. HPE Networking Instant On Switches are not affected.\n\nHPE Aruba Networking does not evaluate or patch software branches that have reached their End of Support Life (EoSL) milestone.\n\nFor more information about the HPE Aruba Networking End of Support policy, visit: https://www.hpe.com/psnow/doc/a00143052enw",
          "product_ids": [
            "3.3.2.0"
          ],
          "url": "https://portal.instant-on.hpe.com/"
        },
        {
          "category": "workaround",
          "date": "2026-01-13T17:00:00.000Z",
          "details": "None",
          "product_ids": [
            ">=3.0.0.0|<=3.3.1.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            ">=3.0.0.0|<=3.3.1.0"
          ]
        }
      ],
      "title": "Multiple vulnerabilities in packet processing identified in underlying OS kernel"
    },
    {
      "acknowledgments": [
        {
          "organization": "HPE Networking",
          "summary": "These vulnerabilities were discovered by the HPE Instant On engineering team"
        }
      ],
      "cve": "CVE-2022-48839",
      "cwe": {
        "id": "CWE-798",
        "name": "Use of Hard-coded Credentials"
      },
      "notes": [
        {
          "category": "details",
          "text": "Multiple vulnerabilities in the underlying OS kernel of HPE Networking Instant On devices were identified and resolved upstream by kernel developers. These vulnerabilities primarily stemmed from the processing of IPv4 and IPv6 packets by the OS, which allowed the potential for Denial-of-Service and memory corruption during device operation.",
          "title": "Details"
        },
        {
          "category": "other",
          "text": "VULN-150",
          "title": "Internal Reference"
        }
      ],
      "product_status": {
        "fixed": [
          "3.3.2.0"
        ],
        "known_affected": [
          ">=3.0.0.0|<=3.3.1.0"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-13T17:00:00.000Z",
          "details": "Upgrade to HPE Networking Instant On software version 3.3.2.0 or above.\n\nPlease note that Instant On devices started updating automatically during the week of December 10, 2025. No action is required from customers for this to occur, but manual upgrades may be triggered via the Instant On app or web portal after the release date.\n\nNote: These vulnerabilities affect HPE Networking Instant On Access Points only. HPE Networking Instant On Switches are not affected.\n\nHPE Aruba Networking does not evaluate or patch software branches that have reached their End of Support Life (EoSL) milestone.\n\nFor more information about the HPE Aruba Networking End of Support policy, visit: https://www.hpe.com/psnow/doc/a00143052enw",
          "product_ids": [
            "3.3.2.0"
          ],
          "url": "https://portal.instant-on.hpe.com/"
        },
        {
          "category": "workaround",
          "date": "2026-01-13T17:00:00.000Z",
          "details": "None",
          "product_ids": [
            ">=3.0.0.0|<=3.3.1.0"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 5.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 5.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            ">=3.0.0.0|<=3.3.1.0"
          ]
        }
      ],
      "title": "Multiple vulnerabilities in packet processing identified in underlying OS kernel"
    }
  ]
}