A critical vulnerability in HPE OneView is being exploited on a large scale by the RondoDox botnet, targeting enterprise management systems. The attacks are automated, widespread, and concentrated mainly on government, financial, and industrial sectors. #CVE-2025-37164 #RondoDox #HPEOneView #botnet #exploit
Keypoints
- The flaw CVE-2025-37164 in HPE OneView allows remote code execution and is actively exploited.
- Check Point linked the mass exploitation to the RondoDox Linux-based botnet.
- Over 40,000 automated attack attempts were recorded by Check Point on January 7.
- The majority of attacks originated from a Dutch IP address and targeted global sectors including government and finance.
- HPE has emphasized the urgency of applying patches amid ongoing exploitation activities.
Read More: https://www.theregister.com/2026/01/16/rondodox_botnet_hpe_oneview/