Hewlett Packard Enterprise has disclosed a critical security vulnerability in its Aruba Networking Private 5G Core platform that could allow unauthorized actors to access and download sensitive system files.
The vulnerability, tracked as CVE-2025-37100 and assigned a high severity rating with a CVSS score of 7.7, affects specific versions of the platform and was discovered during internal penetration testing conducted by HPE’s security team.
The vulnerability resides within the application programming interfaces (APIs) of the HPE Aruba Networking Private 5G Core platform, creating a pathway for attackers to exploit the system’s file structure.
According to the security advisory released on June 10, 2025, a successful exploitation could enable an attacker to iteratively navigate through the filesystem and ultimately download protected system files containing sensitive information.
The vulnerability specifically affects HPE Aruba Networking Private 5G Core versions between 1.24.1.0 and 1.25.1.0, inclusive.
The security vulnerability operates through a mechanism that allows unauthorized users to systematically traverse directory structures, potentially exposing critical configuration files, authentication credentials, and other sensitive operational data stored on the affected systems.
The CVSS vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N indicates that the vulnerability can be exploited remotely over a network with low attack complexity, requires low-level privileges, needs no user interaction, and could result in a complete compromise of confidentiality across system boundaries.
HPE Aruba Network Vulnerability
The implications of this vulnerability are particularly concerning for enterprises deploying private 5G infrastructure, as the Aruba Networking Private 5G Core platform serves as a critical component in modern telecommunications networks.
Organizations using the affected versions could face unauthorized access to network configuration files, user credentials, and potentially sensitive business data transmitted through their private 5G networks.
HPE’s internal security team discovered the vulnerability during routine penetration testing exercises, demonstrating the company’s proactive approach to identifying security weaknesses before they can be exploited by malicious actors.
As of the advisory’s publication date, HPE reports no awareness of public discussion or exploit code targeting this specific vulnerability, providing organizations with a window of opportunity to implement protective measures.
The vulnerability’s remote exploitation capability means that attackers could potentially access affected systems from anywhere on the network, making it particularly dangerous for organizations with inadequate network segmentation or those exposing management interfaces to broader network access.
Mitigations
HPE has released a software update to address the vulnerability, recommending that organizations upgrade to HPE Aruba Networking Private 5G Core version 1.25.1.1 or higher.
The company emphasizes that it does not evaluate or patch software versions that have reached their End of Support milestone, making immediate action crucial for affected deployments.
For organizations unable to immediately deploy the software update, HPE provides a temporary workaround involving the disabling of the “Terminal” service through the system’s graphical user interface.
This mitigation can be implemented by navigating to System > Services and toggling the Terminal service to disabled status.
Additionally, HPE recommends deploying the product architecture so that APIs are only reachable from within local networks, reducing the attack surface and limiting potential exploitation vectors.
Organizations should review their network configurations to ensure proper access controls and monitoring capabilities are in place to detect any unauthorized access attempts.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant Updates.
