RondoDox botnet exploits critical HPE OneView bug

By Carly Page
Publication Date: 2026-01-16 13:00:00

A critical HPE OneView flaw is currently being exploited at scale, with Check Point linking massive, automated attacks to the RondoDox botnet.

The security team says it has identified a “large-scale exploit” of CVE-2025-37164, a high-severity remote code execution bug in HPE’s data center management platform. Check Point has linked the activity to RondoDox, a Linux-based botnet that weaponizes publicly known vulnerabilities in routers, DVRs, web servers and other devices, using an “exploitation shotgun” approach to build sprawling botnets for DDoS, crypto mining, and secondary payload delivery.

When HPE first revealed the bug in mid-December, its fix was treated as urgent because of the flaw's maximum CVSS severity score of 10 and the fact that OneView controls servers, storage, and networking from a central point, making it essentially a high-privilege command center within many enterprise environments.

At that stage,…