Out-of-Bounds Read Vulnerabilities Leading to Process Crash in AOS-8 Operating...

5.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Description

Multiple out-of-bounds read vulnerabilities were identified in a system component responsible for handling certain data buffers. Due to insufficient validation of maximum buffer size values, the process may attempt to read beyond the intended memory region. Under specific conditions, this can result in a crash of the affected process and a potential denial-of-service of the compromised process.

Basic Information

ID CVE-2025-37179

Source hpe

Published Jan 13, 2026 at 20:08

Modified Jan 13, 2026 at 20:32

Affected Product

Vendor Hewlett Packard Enterprise (HPE)

Product ArubaOS (AOS)

Version 8.12.0.0

Affected Versions Hewlett Packard Enterprise (HPE) ArubaOS (AOS) 8.12.0.0
Hewlett Packard Enterprise (HPE) ArubaOS (AOS) 8.10.0.0

CWE Classification

CWE-125

References

support.hpe.com /hpesc/public/docDisplay

{
    "lastseen": "",
    "description": "Multiple out-of-bounds read vulnerabilities were identified in a system component responsible for handling certain data buffers. Due to insufficient validation of maximum buffer size values, the process may attempt to read beyond the intended memory region. Under specific conditions, this can result in a crash of the affected process and a potential denial-of-service of the compromised process.",
    "published": "2026-01-13T20:08:58.718Z",
    "modified": "2026-01-13T20:32:08.785Z",
    "type": "cve",
    "title": "Out-of-Bounds Read Vulnerabilities Leading to Process Crash in AOS-8 Operating System",
    "source": "hpe",
    "references": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04987en_us&docLocale=en_US",
    "id": "CVE-2025-37179",
    "bulletinFamily": "",
    "cwe": [
        "CWE-125"
    ],
    "cvelist": null,
    "sourceData": "Hewlett Packard Enterprise (HPE) ArubaOS (AOS) 8.12.0.0\nHewlett Packard Enterprise (HPE) ArubaOS (AOS) 8.10.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "ArubaOS (AOS)",
    "version": "8.12.0.0",
    "vendor": "Hewlett Packard Enterprise (HPE)",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Out-of-Bounds Read Vulnerabilities Leading to Process Crash in AOS-8 Operating System_CVE-2025-37179