CVE-2025-37169 is a stack overflow vulnerability identified in the AOS-10 web-based management interface of Hewlett Packard Enterprise's ArubaOS Mobility Gateway devices. The flaw exists in the handling of certain inputs within the management interface, which can cause a stack overflow condition. When exploited by an authenticated user with high privileges, this vulnerability allows arbitrary code execution on the underlying operating system with privileged access. This means an attacker who has valid credentials and sufficient privileges can execute malicious code, potentially taking full control of the device. The affected versions are ArubaOS 10.3.0.0 and 10.6.0.0. The CVSS 3.1 base score is 7.2, reflecting high severity due to network attack vector, low attack complexity, required high privileges, no user interaction, and high impact on confidentiality, integrity, and availability. No public exploits or active exploitation have been reported yet. The vulnerability poses a significant risk to network security as ArubaOS Mobility Gateways are often deployed in enterprise and service provider environments to manage wireless and wired network access. Compromise of these devices could lead to interception or manipulation of network traffic, disruption of network services, and lateral movement within the network.

For European organizations, the impact of CVE-2025-37169 could be substantial, especially for those relying on ArubaOS Mobility Gateways for critical network infrastructure. Exploitation could lead to full compromise of network access devices, enabling attackers to intercept sensitive communications, disrupt network availability, and manipulate network configurations. This could affect sectors such as finance, healthcare, government, and telecommunications, where network integrity and confidentiality are paramount. The requirement for authenticated high-privilege access somewhat limits the attack surface to insiders or attackers who have already compromised credentials, but the potential damage remains high. Given the widespread use of HPE Aruba products in Europe, particularly in large enterprises and public sector networks, the vulnerability could facilitate advanced persistent threats or insider attacks, undermining trust in network security and compliance with data protection regulations like GDPR.

To mitigate CVE-2025-37169, European organizations should immediately verify if their ArubaOS Mobility Gateway devices run affected versions 10.3.0.0 or 10.6.0.0 and prioritize upgrading to patched versions once available from HPE. Until patches are applied, organizations should enforce strict access controls on the management interface, limiting access to trusted administrators via network segmentation and VPNs. Multi-factor authentication (MFA) should be enabled for all administrative accounts to reduce the risk of credential compromise. Regularly audit user privileges and remove unnecessary high-privilege accounts. Monitor logs for unusual administrative activity that could indicate exploitation attempts. Employ network intrusion detection systems tuned to detect anomalous behavior on ArubaOS devices. Additionally, implement strict password policies and consider temporary disabling of web-based management interfaces if operationally feasible. Coordination with HPE support for timely patch deployment and guidance is critical.