{“lastseen”:””,”description”:”A vulnerability in an AOS firmware binary allows an authenticated malicious actor to permanently delete necessary boot information. Successful exploitation may render the system unbootable, resulting in a Denial of Service that can only be resolved by replacing the affected hardware.”,”published”:”2025-10-14T16:58:14.200Z”,”modified”:”2025-10-14T19:25:30.743Z”,”type”:”cve”,”title”:”Vulnerability in AOS firmware allows for Authenticated Local malicious actor to Permanently Disable Boot”,”source”:”hpe”,”references”:”https:\/\/support.hpe.com\/hpesc\/public\/docDisplay?docId=hpesbnw04957en_us\\u0026docLocale=en_US”,”id”:”CVE-2025-37139″,”bulletinFamily”:””,”cwe”:[“CWE-400″],”cvelist”:null,”sourceData”:”Hewlett Packard Enterprise (HPE) ArubaOS (AOS) 10.7.0.0\\nHewlett Packard Enterprise (HPE) ArubaOS (AOS) 10.4.0.0\\nHewlett Packard Enterprise (HPE) ArubaOS (AOS) 8.13.0.0\\nHewlett Packard Enterprise (HPE) ArubaOS (AOS) 8.12.0.0\\nHewlett Packard Enterprise (HPE) ArubaOS (AOS) 8.10.0.0″,”sourceHref”:””,”cvss”:{“score”:6,”severity”:”MEDIUM”,”vector”:”CVSS:3.1\/AV:L\/AC:L\/PR:H\/UI:N\/S:C\/C:N\/I:N\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”ArubaOS (AOS)”,”version”:”10.7.0.0″,”vendor”:”Hewlett Packard Enterprise (HPE)”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”A vulnerability in an AOS firmware binary allows an authenticated malicious actor to permanently delete necessary boot information. Successful exploitation may render the system unbootable,…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,37,12,21,13,7,11,5],"class_list":["post-21726","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-60","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n