{ "document": { "aggregate_severity": { "namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale", "text": "High" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en-US", "notes": [ { "category": "summary", "text": "HPE Aruba Networking has become aware of a publicly reported vulnerability in the HPE Aruba Networking VIA client for Linux.", "title": "Summary" }, { "category": "general", "text": "These vulnerabilities affect HPE Aruba Networking VIA clients running the following version unless specifically noted otherwise in the details section:\n\nHPE Aruba Networking VIA client for Linux:\n - 4.7.5 and below", "title": "Affected Products" }, { "category": "general", "text": "HPE Aruba Networking VIA client for Microsoft Windows, MacOS, iOS, and Android.", "title": "Unaffected Products" }, { "category": "other", "text": "The listed vulnerability was publicly disclosed at a link that has since been redacted by the researcher. HPE Networking thanks John Carroll for the finding. As of the release date of this advisory, HPE Networking is not aware of any active public exploitation.", "title": "Exploitation and Public Discussion" }, { "category": "general", "text": "Complete information on reporting security vulnerabilities in HPE Aruba Networking products and obtaining assistance with security incidents is available at: https://www.hpe.com/support/security-response-policy. For reporting *NEW* HPE Aruba Networking security issues, email can be sent to aruba-product-sirt(at)hpe.com. For sensitive information we encourage the use of PGP encryption. Our public key can be found at: https://www.hpe.com/info/psrt-pgp-key.", "title": "HPE Aruba Networking SIRT Security Procedures" }, { "category": "legal_disclaimer", "text": "(c) Copyright 2026 by Hewlett Packard Enterprise Development LP. This advisory may be redistributed freely after the release date given at the top of the text, provided that the redistributed copies are complete and unmodified, including all data and version information.", "title": "Legal Disclaimer" } ], "publisher": { "category": "vendor", "contact_details": "Email: aruba-product-sirt@hpe.com - For further details please see https://www.hpe.com/support/security-response-policy", "issuing_authority": "HPE Aruba Networking’s Security Incident Response Team (SIRT) is responsible for receiving, tracking, managing, and disclosing vulnerabilities in HPE Aruba Networking products. \nThe HPE Aruba Networking SIRT actively works with industry, non-profit and government organizations, and the security community when vulnerabilities are reported. \nA security vulnerability is defined as any weakness in a product that allows an attacker to compromise the confidentiality, integrity, or availability of a product, customer infrastructure, or IT system through an HPE Aruba Networking product in that environment.", "name": "HPE Aruba Networking", "namespace": "https://www.hpe.com/support/security-response-policy" }, "references": [ { "summary": "Original Advisory", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04994en_us&docLocale=en_US" }, { "summary": "HPE Aruba Networking Security Advisory Archive", "url": "https://csaf.arubanetworking.hpe.com/" }, { "summary": "HPE Aruba Networking Product Security Incident Response Policy", "url": "https://www.hpe.com/support/security-response-policy" } ], "title": "Local Privilege Escalation Vulnerability in HPE Aruba Networking Virtual Intranet Access (VIA) Client for Linux", "tracking": { "current_release_date": "2026-01-27T17:00:00.000Z", "generator": { "date": "2026-01-27T22:21:50.752Z", "engine": { "name": "Secvisogram", "version": "2.5.42" } }, "id": "HPESBNW04994", "initial_release_date": "2026-01-13T17:00:00.000Z", "revision_history": [ { "date": "2025-04-01T16:00:00.000Z", "number": "1", "summary": "Initial release" }, { "date": "2026-01-27T17:00:00.000Z", "number": "2", "summary": "Updated Resolution section." } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "4.7.6", "product": { "name": "Virtual Intranet Access (VIA)", "product_id": "4.7.6", "product_identification_helper": { "model_numbers": [ "HPE Aruba Networking CX 10000 Switch Series" ] } } }, { "category": "product_version_range", "name": "vers:semver/>=4.0.0|<=4.7.5", "product": { "name": "Virtual Intranet Access (VIA)", "product_id": ">=4.0.0|<=4.7.5", "product_identification_helper": { "model_numbers": [ "HPE Aruba Networking CX 10000 Switch Series" ] } } } ], "category": "product_name", "name": "Virtual Intranet Access (VIA)" } ], "category": "vendor", "name": "HPE Aruba Networking" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "John Carroll" ] } ], "cve": "CVE-2025-37186", "notes": [ { "category": "details", "text": "A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking Virtual Intranet Access (VIA) client. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges.", "title": "Details" }, { "category": "other", "text": "VULN-169", "title": "Internal Reference" } ], "product_status": { "fixed": [ "4.7.6" ], "known_affected": [ ">=4.0.0|<=4.7.5" ] }, "remediations": [ { "category": "vendor_fix", "date": "2026-02-16T17:00:00.000Z", "details": "Upgrade HPE Aruba Networking Virtual Intranet Access (VIA) for Linux to the following software version (as applicable) to resolve the vulnerability described above in the details sections:\n\n - HPE Aruba Networking VIA for Linux version 4.7.6 and above\n\nHPE Aruba Networking does not evaluate or patch HPE Aruba Networking Virtual Intranet Access (VIA) versions that have reached their End of Maintenance (EoM) milestone. For more information about HPE Aruba Networking's End of Life policy visit: https://www.hpe.com/psnow/doc/a00143052enw", "product_ids": [ "4.7.6" ], "url": "https://networkingsupport.hpe.com/downloads/release/RmlsZVJlbGVhc2U6YTkyODQyMDAtZmI1OC0xMWYwLWJjMTctMzM4ZWVhNjIxNzQ3#overview" }, { "category": "workaround", "date": "2026-01-13T17:00:00.000Z", "details": "To mitigate the risk of privilege escalation vulnerability, please \nrefer to the attached supplement (file) that shows an example of how \nto configure file access policy rules (fapolicy.d) to prevent loading \nof arbitrary shared objects. Alternatively, you may also follow the \nmitigation instructions available at https://csaf.arubanetworking.hpe.com/2026/via-fapolicyd-mitigation-instructions.pdf. \nIn an enterprise environment where users have limited permissions to \nconfigure their Linux machines, administrators may use common Linux \nconfiguration management tools to distribute and enable the desired file \naccess policy that is in line with the organization?s network security \ndirectives.", "product_ids": [ ">=4.0.0|<=4.7.5" ], "url": "https://csaf.arubanetworking.hpe.com/2026/via-fapolicyd-mitigation-instructions.pdf" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "environmentalScore": 7.8, "environmentalSeverity": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "temporalScore": 7.8, "temporalSeverity": "HIGH", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ ">=4.0.0|<=4.7.5" ] } ], "title": "Local Privilege Escalation Vulnerability in HPE Aruba Networking Virtual Intranet Access (VIA) Client for Linux " } ] }