Virtual Intranet Access (VIA) client

CVEs (5)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2025-37186	HPE Virtual Intranet Access (VIA) client	Hig	0.51	7.8	0.00	Jan 13, 2026	A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking Virtual Intranet Access (VIA) client. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges.
CVE-2025-25041	HPE Virtual Intranet Access (VIA) client	Med	0.36	5.5	0.00	Apr 1, 2025	A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM (root). A successful exploit could allow the creation of a Denial-of-Service (DoS) condition affecting the Microsoft…
CVE-2023-38402	HPE Virtual Intranet Access (VIA) client		0.00	—	0.00	Aug 15, 2023	A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting…
CVE-2023-38401	HPE Virtual Intranet Access (VIA) client		0.00	—	0.00	Aug 15, 2023	A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system.
CVE-2022-23678	HPE Virtual Intranet Access (VIA) client		0.00	—	0.01	Sep 6, 2022	A vulnerability in the Aruba Virtual Intranet Access (VIA) client for Microsoft Windows operating system client communications that could allow for an attacker in a privileged network position to intercept sensitive information in Aruba Virtual Intranet Access (VIA) client for…

CVE-2025-37186HigJan 13, 2026
HPE
Virtual Intranet Access (VIA) client
risk 0.51cvss 7.8epss 0.00
A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking Virtual Intranet Access (VIA) client. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges.
CVE-2025-25041MedApr 1, 2025
HPE
Virtual Intranet Access (VIA) client
risk 0.36cvss 5.5epss 0.00
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM (root). A successful exploit could allow the creation of a Denial-of-Service (DoS) condition affecting the Microsoft…
CVE-2023-38402Aug 15, 2023
HPE
Virtual Intranet Access (VIA) client
risk 0.00cvss —epss 0.00
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting…
CVE-2023-38401Aug 15, 2023
HPE
Virtual Intranet Access (VIA) client
risk 0.00cvss —epss 0.00
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system.
CVE-2022-23678Sep 6, 2022
HPE
Virtual Intranet Access (VIA) client
risk 0.00cvss —epss 0.01
A vulnerability in the Aruba Virtual Intranet Access (VIA) client for Microsoft Windows operating system client communications that could allow for an attacker in a privileged network position to intercept sensitive information in Aruba Virtual Intranet Access (VIA) client for…