Summary: CISA has added a maximum-severity remote code execution (RCE) vulnerability in HPE OneView (CVE-2025-37164) to the Known Exploited Vulnerabilities (KEV) catalog. The flaw allows unauthenticated attackers to gain complete control over the infrastructure management platform. Exploitation has accelerated as threat actors shift focus from endpoints to management layers.
Business Impact: Catastrophic. Compromising OneView allows an attacker to seize control of all managed servers, storage, and networking. This is a “keys to the kingdom” scenario that can lead to total operational paralysis and massive data exfiltration.
Why It Happened: Attackers are increasingly targeting centralized management tools because they are often internet-exposed and provide a high “blast radius” for a single exploit.
Recommended Executive Action: Direct your IT teams to apply vendor patches for HPE OneView immediately. Ensure that all management interfaces are isolated from the public internet and require MFA for access.
Hashtags: #HPE #CISA #KEV #VulnerabilityManagement #InfrastructureSecurity #PatchNow