HPE Aruba Networking EdgeConnect SD-WAN
Easy fix3 remedies
cpe:2.3:h:silver-peak:unity_edgeconnect_sd-wan:*:*:*:*:*:*:*, +1 more
Easy fix3 remedies
- >= 9.5.0.0, <= 9.5.3.0
- >= 9.4.0.0, <= 9.4.3.0
- ~9.3
- ~9.2
HPE Aruba Networking EdgeConnect SD-WAN Authenticated File Read Vulnerability Allowing Sensitive Data Exposure
Vulnerability
Patched
An authenticated file read vulnerability has been identified in HPE Aruba Networking EdgeConnect SD-WAN ECOS. This vulnerability allows remote threat actors with admin privileges to access unauthorized system files. Under certain conditions, this could result in the exposure and exfiltration of sensitive information through a user-facing interface.
Impact
Exploitation of this vulnerability could lead to unauthorized access to sensitive system files, allowing for the exposure and potential exfiltration of sensitive information.
Remediation
HPE Aruba Networking advises customers to upgrade to version 9.5.4.1 or above, or 9.4.4.2 or above. The HPE Aruba Networking EdgeConnect SD-WAN Orchestrator software version must be greater than or equal to the ECOS software version running on any HPE Aruba Networking EdgeConnect SD-WAN Gateways.
Added: Sep 16, 2025, 11:18 PM
Updated: Sep 16, 2025, 11:18 PM
Vulnerability Rating
Custom Algorithm
spread
2.6impact
2.5exploitability
4.4remediation
7.9relevance
0.5threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.