What the HPE Aruba Private 5G Core Vulnerability Means for Your Private Cellular Network and How to Stay Protected

By Liron Ben Horin, VP System Engineering, OneLayer

If you manage or secure a private cellular network, the latest vulnerability disclosure from HPE Aruba Networking should be a wake-up call.

HPE Aruba Networking has announced a high-severity vulnerability (CVE-2025-37100) in its Private 5G Core Platform. This flaw could allow unauthorized users to access sensitive data through the system’s APIs, including configuration files, authentication secrets, and other critical information. Such data could include IMEIs or SIM-related details, potentially giving attackers the means to compromise device authentication and network integrity. Full access to the core could enable attackers to control large parts of the network, degrade or block device communication, re-route traffic, and perform other damaging actions. This incident is a critical reminder that even the most reputable technology providers are not immune to modern cyberthreats.

Notably, this isn’t an isolated case. Earlier this year, a group of academics disclosed details of more than 100 security vulnerabilities affecting LTE and 5G implementations. Attackers could exploit these flaws to disrupt services and gain a foothold within the cellular core network.

Based on OneLayer’s insights, the HPE Aruba core powers dozens of private networks across sectors such as utilities, mining, manufacturing, public sector, transportation, logistics, supply chain, storage, education, entertainment, and more.

It’s important to acknowledge that HPE Aruba responded responsibly by identifying the issue through internal penetration testing, providing clear guidance, and issuing a timely security patch.

 

Not Just a Theoretical Threat

The details are worrying: an attacker who managed to exploit the flaw could iteratively navigate the file system, downloading confidential information and potentially paving the way for more severe compromises. These are the kinds of secrets—from authentication tokens to configuration data—that can grant deep, persistent access into your private 5G infrastructure.

What’s the real risk? Attackers with access to such sensitive data could do much more than just steal information. They might impersonate legitimate devices or users, alter network configurations, disrupt or block critical services, or even gain control over entire network segments. With the ability to intercept, reroute, or degrade device communication, the attacker could undermine operational integrity, plant backdoors for long-term access, or target regulated data, potentially leading to compliance breaches and reputational damage.

Private cellular networks, whether in utilities, manufacturing, or smart city deployments, rely heavily on their core platforms for security and operational integrity. Just one overlooked vulnerability can result in a large-scale data leak, operational disruption, or regulatory breach.

The key lesson here is that, regardless of the provider or platform, a layered and proactive approach to security is essential. Defense-in-depth remains the most effective way to protect critical infrastructure from both known and yet-unknown risks.

 

Five actionable steps to respond

  1. Apply security patches and updates promptly.
    Regularly update software and firmware for your network infrastructure. Timely patching, as in HPE’s recent fix, remains your front line of defense against known exploits.
  2. Implement Zero Trust Network Access (ZTNA).
    Move beyond implicit trust and validate every device and user each time they access the network. Ensure strong access controls and authentication are in place for both users and connected devices.
  3. Increase visibility into your cellular network activity.
    Deploy monitoring and detection solutions that help you see what’s really happening across your private cellular environment—down to the device, SIM, and service level—for both known and unknown threats.
  4. Integrate cellular context into your IP security stack.
    Make sure your IP-based firewalls, SIEM, and detection tools receive relevant cellular device data, so they can enforce policies and respond effectively to incidents involving cellular assets.
  5. Layer on dedicated security solutions—don’t rely solely on your infrastructure vendor.
    Use specialized security platforms that go beyond default protections embedded in cellular core products. Defense-in-depth is critical: combine network, endpoint, and application-layer controls.
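
One way to put steps 3 and 4 into practice, shown as an added example that is not part of the original article or of any vendor's product: join IP firewall events to cellular session records so each event carries the IMSI and IMEI behind its source address, and tag SIMs that show up on an unexpected device. The record layouts, field names, tag names and all sample values are constructed assumptions.

```python
from bisect import bisect_right
from collections import defaultdict

# Constructed session records (start time, UE IP, IMSI, IMEI); layout is an assumption.
SESSIONS = [
    (1000, "10.45.0.7", "001010000000001", "356938035643809"),
    (1000, "10.45.0.8", "001010000000002", "490154203237518"),
    (5000, "10.45.0.7", "001010000000002", "352099001761481"),  # IP reused, SIM on new IMEI
]
# Constructed enrolment baseline: the IMEI each IMSI is expected to use.
BASELINE = {"001010000000001": "356938035643809",
            "001010000000002": "490154203237518"}
# Constructed firewall events: (timestamp, source IP, destination, action).
FW_EVENTS = [
    (1200, "10.45.0.7", "10.10.1.5:502", "allow"),
    (5200, "10.45.0.7", "10.10.1.5:502", "allow"),
    (900, "10.45.0.9", "10.10.1.5:22", "deny"),
]

def build_index(sessions):
    """Group sessions per UE IP, sorted by start time, for time-aware lookup."""
    idx = defaultdict(list)
    for start, ip, imsi, imei in sorted(sessions):
        idx[ip].append((start, imsi, imei))
    return idx

def lookup(idx, ip, ts):
    """Return (imsi, imei) of the latest session on `ip` started at or before `ts`."""
    rows = idx.get(ip, [])
    pos = bisect_right([r[0] for r in rows], ts)
    return rows[pos - 1][1:] if pos else None

def enrich(events, sessions, baseline):
    """Attach IMSI/IMEI to each firewall event and tag identity anomalies."""
    idx, out = build_index(sessions), []
    for ts, ip, dst, action in events:
        ident = lookup(idx, ip, ts)
        if ident is None:
            tag, imsi, imei = "no-cellular-session", None, None
        else:
            imsi, imei = ident
            tag = "ok" if baseline.get(imsi) == imei else "imsi-imei-mismatch"
        out.append({"ts": ts, "src": ip, "dst": dst, "action": action,
                    "imsi": imsi, "imei": imei, "tag": tag})
    return out

if __name__ == "__main__":
    for row in enrich(FW_EVENTS, SESSIONS, BASELINE):
        print(row)
```

The same source IP produces two different verdicts here because the address was reassigned between events, which is why the lookup is keyed on time as well as IP.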

 

OneLayer’s Zero Trust model secures what patches can’t.

Here’s where OneLayer’s platform stands apart. Instead of relying on a single point of defense, like SIM authentication or software patches, OneLayer adopts a dynamic, Zero Trust approach that continually verifies the identity and behavior of every device and service on your cellular network.

OneLayer continuously profiles, verifies, and governs every device and service connecting to your private cellular network—detecting abnormal behavior, blocking threats, and dynamically responding even in the event of a credential or configuration leak.

Even if a vulnerability like CVE-2025-37100 is exploited and sensitive data leaks, OneLayer’s platform can detect and block unauthorized device and service behavior. By profiling each device type, monitoring usage patterns, and correlating with category-based access controls (not just the IMSI or IMEI), OneLayer stops attackers in their tracks when they try to use stolen credentials or secrets.

If a misused authentication token or configuration file emerges on your network, OneLayer automatically challenges the device or user for additional verification, preventing damage before it spreads.

 

Learn from the HPE Incident—Before It Costs You

As the industry moves rapidly to embrace private 5G for critical operations, incidents like the HPE Aruba Private 5G Core vulnerability remind us: It’s not a question of if sensitive data will be targeted, but when. No platform or provider is immune—what matters is how we prepare, respond together, and build resilient defenses as a community.

Don’t wait for a breach to rethink your approach to private cellular network security. Let OneLayer help you build in Zero Trust, category-based access, and real-time threat response, so you’re always a step ahead—no matter what the next headline brings.

Ready to see how OneLayer can protect your private network, even when the unthinkable happens?
Contact us for a demo or learn more about our platform at www.onelayer.com.
