HPE Patches Critical Flaw in IT Infrastructure Management Software
Posted: Fri Dec 19, 2025 3:11 pm
HPE vulnerability
Hewlett Packard Enterprise (HPE) this week announced patches for a critical-severity remote code execution vulnerability in its OneView IT infrastructure management software.
Tracked as CVE-2025-37164 (CVSS score of 10), the security defect can be exploited without authentication, the company notes in a barebones advisory.
HPE makes no mention of the flaw being exploited in the wild, but urges customers to update to a fixed release as soon as possible.
https://www.securityweek.com/hpe-patche ... -software/
Hewlett Packard Enterprise (HPE) this week announced patches for a critical-severity remote code execution vulnerability in its OneView IT infrastructure management software.
Tracked as CVE-2025-37164 (CVSS score of 10), the security defect can be exploited without authentication, the company notes in a barebones advisory.
HPE makes no mention of the flaw being exploited in the wild, but urges customers to update to a fixed release as soon as possible.
https://www.securityweek.com/hpe-patche ... -software/