HPE warns of maximum severity RCE flaw in OneView software

Hewlett Packard Enterprise (HPE) has patched a maximum-severity vulnerability in its HPE OneView software that enables attackers to execute arbitrary code remotely.

HPE tells customers to patch OneView immediately as top-level security flaw spotted

HPE patches critical RCE flaw (CVE‑2025‑37164) in OneView, severity 10/10Exploitation could allow attackers to reconfigure ...

HPE OneView: Critical vulnerability allows code smuggling from the network

In HPE's OneView, malicious actors can inject malicious code from the network without authentication. An update is available.

HPE tells customers to patch fast as OneView RCE bug scores a perfect 10

HPE said the issue was reported by security researcher Nguyen Quoc Khanh and is urging customers to either upgrade to OneView 11.0 or apply the emergency hotfix immediately. Separate fixes are ...
Techzine Europe

HPE OneView requires patch for vulnerability with highest CVE score

Hewlett Packard Enterprise has fixed a critical vulnerability in OneView Software that allows remote code execution. The bug ...
SecurityWeek

HPE Patches Critical Flaw in IT Infrastructure Management Software

HPE has released patches for a critical-severity OneView vulnerability that could lead to unauthenticated remote code execution.
Network World

HPE OneView vulnerable to remote code execution attack

An unauthenticated user can execute the attack, and there’s no mitigation, just a hotfix that should be applied immediately.