HPE has fixed a critical security vulnerability in OneView Software (CVE-2025-37164) that could allow remote code execution. Users are advised to apply the available hotfixes promptly to secure their systems. #HPEOneView #CVE202537164
Keypoints
- HPE OneView Software has a maximum-severity flaw with a CVSS score of 10.0.
- The vulnerability allows remote, unauthenticated users to execute code remotely.
- All versions prior to 11.00 are affected, with hotfixes available for versions 5.20 to 10.20.
- The hotfix needs reapplication after certain upgrades or reimaging operations.
- HPE recently fixed multiple vulnerabilities across its products, including StoreOnce and components like Apache Tomcat.
Read More: https://thehackernews.com/2025/12/hpe-oneview-flaw-rated-cvss-100-allows.html