By Zeljka Zorz
Publication Date: 2026-01-08 14:16:00
Attackers are exploiting an unauthenticated remote code execution vulnerability (CVE-2025-37164) that affects certain versions of HPE OneView, CISA confirmed by adding the defect to its catalog of known exploited vulnerabilities.
The vulnerability’s inclusion in the catalog is not surprising, as technical details and a Metasploit module were made public shortly after its disclosure, making it easier for less-skilled attackers to exploit.
About HPE OneView and CVE-2025-37164
HPE OneView is a centralized infrastructure management platform used to deploy, monitor and manage HPE data center hardware and software from a single interface.
The solution is popular in large-scale and automated data center environments.
“OneView sits in a privileged control plane for enterprise infrastructure, so successful exploitation is not just about establishing remote code execution, but about gaining centralized control over servers, firmware, and lifecycle management at scale,” Rapid7…
