top of page
perceptive_background_267k.jpg

Hewlett Packard Enterprise OneView contains a code injection vulnerability that allows a remote unauthenticated user to perform remote code execution.

Published:

7 January 2026 at 00:00:00

Alert date:

7 January 2026 at 19:02:29

Source:

cisa.gov

Click to open the original link from this advisory

Hewlett Packard Enterprise OneView contains a critical code injection vulnerability tracked as CVE-2025-37164. The vulnerability allows remote unauthenticated attackers to perform remote code execution on affected systems. This represents a significant security risk as it requires no authentication and can be exploited remotely. Organizations using HPE OneView should review the advisory and apply available patches or mitigations immediately. The vulnerability has been assigned a high criticality rating due to its potential for complete system compromise.

Technical details

Mitigation steps:

Affected products:

Hewlett Packard Enterprise OneView

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2025-37164
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04985en_us&docLocale=en_US

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page