vulnerability

Aruba AOS-8: CVE-2025-37178: Out-of-Bounds Read Vulnerabilities Leading to Process Crash in AOS-8 Operating System

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Jan 13, 2026	Jan 14, 2026	Jan 14, 2026

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Jan 13, 2026

Added

Jan 14, 2026

Modified

Jan 14, 2026

Description

Multiple out-of-bounds read vulnerabilities were identified in a system component responsible for handling certain data buffers. Due to insufficient validation of maximum buffer size values, the process may attempt to read beyond the intended memory region. Under specific conditions, this can result in a crash of the affected process and a potential denial-of-service of the compromised process.

Solution

aruba-aos-8-cve-2025-37178

References

CVE-2025-37178
https://attackerkb.com/topics/CVE-2025-37178
URL-https://csaf.arubanetworks.com/2026/hpe_aruba_networking_-_hpesbnw04987.json
CWE-125

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today