HPE

Security Scorecard

Score

60F

Total CVEs

36

Patch Rate

17%

6 patched

Avg Response

-

days to patch

Critical Gaps

1

exploitable, no detection

Severity Breakdown

Critical0

High14

Medium22

Low0

Patch Status

Patched6 (17%)

Partial/Workaround9 (25%)

Unpatched21 (58%)

CVEs (36)

CVE ID	Title	Severity	Score	Days	Patch
CVE-2025-37181	EdgeConnect SD-WAN Orchestrator SQL Injection Exploit	High	7.2	-	Patched
CVE-2025-37183	EdgeConnect SD-WAN Orchestrator SQL Injection Exploit	High	7.2	-	Patched
CVE-2025-37184	HPE Orchestrator Admin Token Forgery	Medium	6.5	-	Patched
CVE-2025-37185	HPE EdgeConnect SD-WAN Orchestrator XSS Vulnerability	Medium	5.5	-	Patched
CVE-2025-37170	HPE AOS-8 Mobility Conductor Command Injection	High	7.2	-	Workaround
CVE-2025-37171	AOS-8 Root Privilege Escalation	High	7.2	-	Workaround
CVE-2025-37172	HPE AOS-8 Mobility Conductor Command Injection	High	7.2	-	Workaround
CVE-2025-37173	HPE AOS-10/8 Mobility Conductor Remote Code Execution	High	7.2	-	Workaround
CVE-2025-37168	HPE Mobility Conductors AOS-8 File Deletion Vulnerability	High	8.2	-	Workaround
CVE-2025-37169	HPE Mobility Gateway Stack Overflow Exploit	High	7.2	-	Patched