CVE-2025-37186

High CVSS: 7.8

A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking Virtual Intranet Access (VIA) client. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges.

Vendor

Product

CWE

CWE-269

Yayın Tarihi

2026-01-13 21:15:50

Güncelleme

2026-03-02 18:16:25

Source Identifier

security-alert@hpe.com

KEV Date Added

Kategoriler

CWE-269 HIGH 2026

Referanslar

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04994en_us&docLocale=en_US