216.73.217.98

CVE-2025-37139

· Published 14/10/2025 17:15 · Modified 14/10/2025 20:15

Labels: CVE-2025-37139 2025-10-14CVE-2025-37139CWE-400[email protected]

Essential information

Published
14/10/2025 17:15
Modified
14/10/2025 20:15
Author
Creator
CVSS
6.0 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

CVSS metrics

Description

A vulnerability in an AOS firmware binary allows an authenticated malicious actor to permanently delete necessary boot information. Successful exploitation may render the system unbootable, resulting in a Denial of Service that can only be resolved by replacing the affected hardware.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
hpe / aos firmware cpe:2.3:a:hpe:aos_firmware:*:*:*:*:*:*:*:*

References