What is the risk of CVE-2025-37164?

This is a maximum-severity remote code execution flaw in HPE OneView that allows unauthenticated attackers to gain full control over data center infrastructure.

Which versions of HPE OneView are affected?

The vulnerability impacts all versions of HPE OneView through version 10.20.

What is the PowerPoint vulnerability added by CISA?

CVE-2009-0556 is a legacy memory corruption flaw that allows attackers to execute code when a victim opens a specially crafted .ppt file.

When is the deadline for federal agencies to patch these flaws?

CISA has ordered federal agencies to address these vulnerabilities by January 28, 2026.

How can I protect against the PowerPoint exploit?

The best defense is to decommission legacy Office versions (2000-2003) and upgrade to supported software that receives security updates.

Attack

CISA reports actively exploited Critical HPE OneView flaw

published: Jan. 8, 2026

Take action: Make sure all management devices like HPE OneView are isolated from the internet and accessible from trusted networks only. Then plan an update of the HPE OneView.

Learn More

CISA reports active exploitation of HPE OneView flaw that enables remote code execution.

The flaw is tracked as CVE-2025-37164 (CVSS score 10.0) - remote code execution in HPE OneView through version 10.20.

Exposed systems and potential impacts include HPE ProLiant servers and Synergy systems and data center storage and networking controllers

Because management tools sit deep in the network with high privileges, a breach allows full control over hardware and firmware. A public exploit module for Metasploit appeared shortly after HPE released the patch.

Federal agencies must patch these systems by January 28, 2026. The inclusion in the KEV catalog confirms that attackers are actively using these flaws to break into networks.

Organizations should update HPE OneView to version 10.30 or later immediately.

CISA reports actively exploited Critical HPE OneView flaw

Read More
Juniper J-Web Junos OS Vulnerabilities Combined in Cybercrime …
Ivanti warns of three new actively Exploited flaws …
CISA reports active exploitation of Cross-Site Scripting flaw …
CISA warns of Microsoft SharePoint vulnerability actively exploited
Researchers discover exploitation code that uses LogoFAIL UEFI …