CVE-2025-37164

high-risk
Published 2025-12-16

A remote code execution issue exists in HPE OneView.

Do I need to act?

!
85.1% chance of exploitation in next 30 days
EPSS score — higher than 15% of all CVEs
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
10
CVSS 10.0/10 Critical
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Hpe

References (4)

Vendor Advisory https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04985en_us&docLocal...
Exploit https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linu...
Vendor Advisory https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04985en_us&docLocal...
US Government Resource https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-...
65
/ 100
high-risk
Severity 33/34 · Critical
Exploitability 27/34 · High
Exposure 5/34 · Minimal