CVE-2025-37128 – Authenticated Arbitrary Process Termination allows potential System Disruption in ECOS

CVE ID : CVE-2025-37128

Published : Sept. 16, 2025, 10:22 p.m. | 35 minutes ago

Description : A vulnerability in the web API of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to terminate arbitrary running processes. Successful exploitation could allow an attacker to disrupt system operations, potentially resulting in an unstable system state.

Severity: 6.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…