


Perceptive Security
SOC/SIEM Consultancy

CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited
Published:
8 January 2026 at 04:52:00
Alert date:
8 January 2026 at 06:01:52
Source:
thehackernews.com
Enterprise Applications, Zero-Day Vulnerabilities
CISA added two security vulnerabilities to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation. The flaws are a code injection vulnerability in Microsoft Office (CVE-2009-0556, CVSS 8.8) and a vulnerability in HPE OneView. Both are being actively exploited in the wild, prompting CISA to alert federal agencies and other organizations to prioritize patching them.
Technical details
CVE-2009-0556 is a code injection vulnerability in Microsoft Office PowerPoint with a CVSS score of 8.8 that allows remote attackers to execute arbitrary code through memory corruption. CVE-2025-37164 is a code injection vulnerability in HPE OneView with the maximum CVSS score of 10.0 that allows remote unauthenticated users to perform remote code execution. Public proof-of-concept exploit code has been released for CVE-2025-37164, significantly increasing the exploitation risk.
Mitigation steps:
Apply the necessary security fixes by January 28, 2026, as per CISA BOD 22-01 for federal agencies. For HPE OneView, update to version 11.00 or apply the available hotfixes for versions 5.20 through 10. Organizations should prioritize patching because proof-of-concept exploit code for CVE-2025-37164 is publicly available.
Affected products:
Microsoft Office PowerPoint
HPE OneView (all versions prior to 11.00)
HPE OneView versions 5.20 through 10 (hotfixes available)
Related links:
https://www.cisa.gov/news-events/alerts/2026/01/07/cisa-adds-two-known-exploited-vulnerabilities-catalog
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
https://www.cve.org/CVERecord?id=CVE-2009-0556
https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-017
https://www.cve.org/CVERecord?id=CVE-2025-37164
https://thehackernews.com/2025/12/hpe-oneview-flaw-rated-cvss-100-allows.html
https://www.esentire.com/security-advisories/poc-released-for-hpe-oneview-vulnerability-cve-2025-37164
https://www.cisa.gov/binding-operational-directive-22-01
This article was created with the assistance of AI technology by Perceptive.
