The maximum-severity code injection flaw can be exploited without authentication for remote code execution.
The post Critical HPE OneView Vulnerability Exploited in Attacks appeared first on SecurityWeek.
HPE Patches Critical Flaw in IT Infrastructure Management Software
Tracked as CVE-2025-37164, the critical flaw could allow unauthenticated, remote attackers to execute arbitrary code.
The post HPE Patches Critical Flaw in IT Infrastructure Management Software appeared first on SecurityWeek.
HPE Says Russian Government Hackers Had Access to Emails for 6 Months
HPE told the SEC that Russian state-sponsored threat group Midnight Blizzard had access to an email system for several months.
The post HPE Says Russian Government Hackers Had Access to Emails for 6 Months appeared first on SecurityWeek.