A critical remote code execution vulnerability in Hewlett Packard Enterprise's (HPE) OneView, tracked as CVE-2025-37164, is currently being exploited in the wild, posing a significant threat to organizations using the affected software. The flaw, which carries a CVSS score of 9.8, was disclosed on December 16, 2025, and has since been added to CISA's Known Exploited Vulnerabilities (KEV) catalog as of January 7, 2026, underscoring its severity and the urgency for remediation.
CVE-2025-37164 is a result of improper handling of code execution requests, classified under CWE-94. This vulnerability allows attackers to execute arbitrary code remotely, potentially leading to full system compromise. The exploitation of this flaw was observed within 21 days of its disclosure, highlighting the rapid pace at which threat actors are capitalizing on newly discovered vulnerabilities.
The availability of exploit tools further exacerbates the risk. Currently, there is one known exploit in circulation, along with three proof-of-concept (PoC) scripts that demonstrate the vulnerability's potential impact. These tools lower the barrier for attackers, enabling even less sophisticated actors to launch attacks against vulnerable systems.
HPE OneView is widely used for managing data center infrastructure, making this vulnerability particularly concerning for enterprises relying on this software for critical operations. The exploitation of this flaw could lead to unauthorized access, data theft, or disruption of services, depending on the attacker's objectives.
HPE has released a patch to address CVE-2025-37164, and organizations are strongly advised to apply this update immediately to mitigate the risk of exploitation. Given the critical nature of the vulnerability and its active exploitation, delaying the patch could result in severe consequences.
Security teams should also review their systems for any signs of compromise and ensure that monitoring and detection mechanisms are in place to identify potential exploitation attempts. With the vulnerability's high Exploit Prediction Scoring System (EPSS) score of 0.839, the likelihood of exploitation remains significant, necessitating proactive measures to safeguard affected environments.
CSURFACE