CVE-2025-23051

Severity: High · RCE

Published: 14 January 2025
Modified: 15 April 2026
KEV Added: not listed
CVSS v3.1 Score: 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0039 (60.3rd percentile)
Risk Priority: 15 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-23051 is a high-severity Code Injection (CWE-94) vulnerability affecting HPE (vendor inferred from references). Its CVSS base score is 7.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 39.7% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-23051 is an authenticated parameter injection vulnerability, classified under CWE-94, in the web-based management interface of the AOS-8 and AOS-10 Operating Systems. Published on January 14, 2025, it carries a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). Successful exploitation enables an authenticated user to inject parameters and overwrite arbitrary system files.

Exploitation requires high privileges (PR:H) and network access (AV:N) to the management interface; attack complexity is low (AC:L) and no user interaction is needed (UI:N). A successful attack fully compromises confidentiality, integrity, and availability (C:H/I:H/A:H), potentially leading to complete system compromise through arbitrary file overwrites.

The HPE security bulletin at https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04723en_us&docLocale=en_US provides details on affected versions and mitigation steps.

Vulnerability details

An authenticated parameter injection vulnerability exists in the web-based management interface of the AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated user to leverage parameter injection to overwrite arbitrary system files.

CWE(s): CWE-94 (Code Injection)

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The vulnerability is an authenticated parameter injection flaw in a web-based management interface that directly enables exploitation of a public-facing application to achieve arbitrary file overwrites and full system compromise.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-13773 (shared CWE-94)
CVE-2025-50692 (shared CWE-94)
CVE-2026-30643 (shared CWE-94)
CVE-2026-30460 (shared CWE-94)
CVE-2025-71243 (shared CWE-94)
CVE-2026-44262 (shared CWE-94)
CVE-2024-13792 (shared CWE-94)
CVE-2020-37052 (shared CWE-94)
CVE-2026-42555 (shared CWE-94)
CVE-2025-65037 (shared CWE-94)

Affected Assets

HPE (inferred from references and description; NVD did not file a CPE for this CVE)

Mitigating Controls (NIST 800-53 r5)

Prevent: SI-10 (Information Input Validation). Directly prevents parameter injection vulnerabilities by requiring validation and sanitization of all inputs to the web management interface.

Prevent: SI-2 (Flaw Remediation). Mandates timely remediation of known flaws like CVE-2025-23051 through patching affected AOS-8 and AOS-10 systems.

Detect: Monitors the integrity of system files to detect unauthorized overwrites resulting from successful parameter injection exploitation.
