CVE-2025-37147

Summary

A Secure Boot Bypass Vulnerability exists in affected Access Points that allows an adversary to bypass the hardware root of trust verification in place to ensure only vendor-signed firmware can execute on the device. An adversary can exploit this vulnerability to run modified or custom firmware on affected Access Points.

Affected Software

VendorProductVersion RangeStatus
Hewlett Packard Enterprise (HPE)ArubaOS (AOS)10.7.0.0 <= 10.7.1.1affected
Hewlett Packard Enterprise (HPE)ArubaOS (AOS)10.4.0.0 <= 10.4.1.8affected
Hewlett Packard Enterprise (HPE)ArubaOS (AOS)8.13.0.0 <= 8.13.0.1affected
Hewlett Packard Enterprise (HPE)ArubaOS (AOS)8.12.0.0 <= 8.12.0.5affected
Hewlett Packard Enterprise (HPE)ArubaOS (AOS)8.10.0.0 <= 8.10.0.18affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References