An unauthenticated remote code execution vulnerability (CVE-2025-37164) affecting certain versions of HPE OneView is being leveraged by attackers, CISA confirmed by adding the flaw to its Known Exploited Vulnerabilities catalog. The vulnerability’s inclusion in the catalog is unsurprising, as technical details and a Metasploit module were made public soon after it was disclosed, making exploitation by less-skilled attackers easier. About HPE OneView and CVE-2025-37164 HPE OneView is a centralized infrastructure management platform used to deploy, … More →
The post Recently fixed HPE OneView flaw is being exploited (CVE-2025-37164) appeared first on Help Net Security.
http://news.poseidon-us.com/TQDVZm
