By Sead Fadilpašić
Publication Date: 2025-12-22 16:15:00
- HPE fixes critical RCE flaw (CVE-2025-37164) in OneView, severity 10/10.
- Exploitation could allow attackers to reconfigure servers, deploy malware, or create persistent backdoors.
- Users should upgrade to version 11.0 or apply an emergency hotfix immediately.
HPE has fixed a maximum severity vulnerability in its OneView platform that could cause several issues for businesses.
HPE OneView is a centralized infrastructure management platform that allows administrators to deploy, monitor and manage HPE servers, storage and networks through a single software-defined interface. The product is essential in enterprise environments because it gives administrators centralized control over server hardware, firmware, storage, and network configurations.
If a cybercriminal gains access, they could reconfigure servers, deploy malicious firmware, disrupt workloads, or create persistent infrastructure-level backdoors. This could lead to widespread outages, data theft, and long-term compromises, i.e….