CVE-2025-37123
Published: 16 September 2025
Summary
CVE-2025-37123 is a high-severity Improper Privilege Management (CWE-269) vulnerability in Hpe (inferred from references). Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked in the top 44.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Deeper analysis
CVE-2025-37123 is a privilege escalation vulnerability in the command-line interface (CLI) of HPE Aruba Networking EdgeConnect SD-WAN Gateways. It enables an authenticated remote attacker to gain elevated privileges, potentially allowing execution of arbitrary system commands with root privileges on the underlying operating system. The vulnerability is rated with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-269 (Improper Privilege Management). It was published on 2025-09-16.
An attacker with low-privilege authenticated remote access (PR:L) can exploit this vulnerability over the network (AV:N) with low complexity (AC:L) and no user interaction (UI:N) required. Successful exploitation grants root-level access, enabling high-impact confidentiality, integrity, and availability compromises, such as full system takeover on affected gateways.
HPE has published a security advisory with mitigation details at https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04943en_us&docLocale=en_US.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-29661
Vulnerability details
A vulnerability in the command-line interface of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to escalate privileges. Successful exploitation of this vulnerability may enable the attacker to execute arbitrary system commands with root privileges on…
more
the underlying operating system.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Direct privilege escalation via authenticated network CLI access enabling root-level arbitrary command execution on network device.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly counters CWE-269 Improper Privilege Management by enforcing least privilege for accounts and processes, preventing low-privilege authenticated users from escalating to root via the CLI vulnerability.
Requires timely flaw remediation, directly addressing the specific privilege escalation vulnerability in the HPE Aruba EdgeConnect SD-WAN Gateway CLI by applying vendor patches.
Mandates enforcement mechanisms for access control policies that block unauthorized privilege escalations from low-privilege remote CLI sessions to root-level command execution.