Hewlett Packard Enterprise (HPE)

A critical vulnerability in HPE Aruba Networking Instant On Access Points allows attackers to bypass device authentication mechanisms completely. The flaw, tracked as CVE-2025-37103, involves hardcoded login credentials embedded within the devices’ software. This presents a severe security risk with a maximum CVSS score of 9.8. The vulnerability affects firmware 3.2.0.1 and below, potentially exposing countless enterprise networks to unauthorized administrative access. The issue was discovered through HPE Aruba Networking’s Bug Bounty program and requires an immediate firmware update to mitigate the risk.

Source: https://cybersecuritynews.com/hpe-aruba-hardcoded-credentials/

TPRM report: https://scoringcyber.rankiteo.com/company/hewlett-packard-enterprise

"id": "hew723072225",
"linkid": "hewlett-packard-enterprise",
"type": "Vulnerability",
"date": "7/2025",
"severity": "25",
"impact": "",
"explanation": "Attack without any consequences: Attack in which data is not compromised"

{'affected_entities': [{'industry': 'Technology',
                        'name': 'Hewlett Packard Enterprise (HPE)',
                        'type': 'Organization'}],
 'attack_vector': 'Hardcoded Credentials',
 'date_publicly_disclosed': '2025-07-08',
 'description': 'A critical vulnerability in Hewlett Packard Enterprise (HPE) '
                'Aruba Networking Instant On Access Points could allow '
                'attackers to bypass device authentication mechanisms '
                'completely. The vulnerability, tracked as CVE-2025-37103, '
                'stems from hardcoded login credentials embedded within the '
                'devices’ software, presenting a severe security risk with a '
                'maximum CVSS score of 9.8.',
 'impact': {'operational_impact': 'Potential tampering or payload injection',
            'systems_affected': 'HPE Networking Instant On Access Points'},
 'initial_access_broker': {'entry_point': 'Hardcoded credentials embedded '
                                          'within the device’s web interface'},
 'post_incident_analysis': {'corrective_actions': 'Upgrade firmware to remove '
                                                  'hardcoded credential branch '
                                                  'and enforce robust '
                                                  'credential management '
                                                  'policies',
                            'root_causes': 'Hardcoded login credentials '
                                           'embedded within the devices’ '
                                           'software'},
 'references': [{'source': 'HPE Aruba Networking’s Bug Bounty program'}],
 'response': {'containment_measures': 'Upgrade firmware to version 3.2.1.0 or '
                                      'later',
              'enhanced_monitoring': 'Audit access logs for suspicious web '
                                     'interface logins',
              'network_segmentation': 'Segment management traffic to trusted '
                                      'administrative VLANs',
              'remediation_measures': 'Remove hardcoded credential branch from '
                                      'authenticate() routine and enforce '
                                      'robust credential management policies'},
 'title': 'Hardcoded Credentials Vulnerability in HPE Aruba Networking Instant '
          'On Access Points',
 'type': 'Vulnerability Exploitation',
 'vulnerability_exploited': 'CVE-2025-37103'}