CVE-2025-25041

Medium CVSS: 5.5

A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM (root). A successful exploit could allow the creation of a Denial-of-Service (DoS) condition affecting the Microsoft Windows Operating System. This vulnerability does not affect Linux and Android based clients.

Vendor

Product

CWE

CWE-732

Yayın Tarihi

2025-04-01 17:15:44

Güncelleme

2025-04-03 18:15:44

Source Identifier

security-alert@hpe.com

KEV Date Added

Kategoriler

CWE-732 MEDIUM 2025

Referanslar

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04841en_us&docLocale=en_US