AI description
CVE-2025-37164 is a remote code execution vulnerability that exists in HPE OneView software. This vulnerability could be exploited by a remote, unauthenticated user to perform remote code execution. The vulnerability affects all versions of HPE OneView through v10.20. HPE has released a patch in version 11.00 to address the flaw and has also made available a hotfix for OneView versions 5.20 through 10.20.
- Description
- A remote code execution issue exists in HPE OneView.
- Source
- security-alert@hpe.com
- NVD status
- Undergoing Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-94
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
15
CVE-2025-37164 is still out there!!, i found the target using shodan 🔥 #bugbounty #bugbountytips #cve #Trending https://t.co/iVU51UaCD2
@assa2940
26 Dec 2025
10392 Impressions
33 Retweets
252 Likes
125 Bookmarks
3 Replies
0 Quotes
🚨 Since Dec 22, we've seen a surge in critical exploits: ✔️ HPE OneView: CVSS 10/10 (CVE-2025-37164) ✔️ WatchGuard Firebox: 117k+ devices exposed (CVE-2025-14733) ✔️ Cisco & Apple WebKit zero-days actively abused. If you aren't patching today, you're the tar
@CyberWolfGuard
24 Dec 2025
83 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 HPE OneView [—] Dec 24, 2025 Critical Remote Code Execution (RCE) vulnerability in HPE OneView product—CVE-2025-37164—requires immediate attention. This report provides a comprehensive analysis of the vulnerability, its impact, affected product versions, vendor advisor
@transilienceai
24 Dec 2025
85 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
企業向け管理基盤HPE OneViewの認証不要で遠隔から任意コードを実行できる脆弱性CVE-2025-37164の実証コードが公開された。既に攻撃に悪用可能な状態で、管理権限の高さから被害が広範囲に及ぶ恐れがあり、迅速
@yousukezan
23 Dec 2025
1086 Impressions
1 Retweet
5 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 HPE OneView [—] Dec 23, 2025 Critical remote code execution vulnerability (CVE-2025-37164) identified in HPE OneView versions before 11.00. Mandatory upgrades and remediation steps required due to severe unauthenticated RCE risk. Checkout our Threat Intelligence Platform:.
@transilienceai
23 Dec 2025
93 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A maximum-severity HPE OneView flaw (CVE-2025-37164) bypasses auth to execute code via the ID Pools API. Upgrade to v11.00 or apply hotfixes now. #HPE #OneView #CyberSecurity #RCE #CVSS10 #Infosec #DataCenter https://t.co/gmt2UvarRl
@the_yellow_fall
22 Dec 2025
343 Impressions
3 Retweets
6 Likes
2 Bookmarks
1 Reply
0 Quotes
CVE-2025-37164 : Hewlett Packard Enterprise OneView Software Flaw Explained Read the full report on - https://t.co/tVOlb645Mf https://t.co/3kQvWhULPJ
@Iambivash007
21 Dec 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-37164 - critical 🚨 HPE OneView - Remote Code Execution > HPE OneView contains a remote code execution vulnerability, letting remote attackers ... 👾 https://t.co/y6rPgUst01 @pdnuclei #NucleiTemplates #cve
@pdnuclei_bot
20 Dec 2025
138 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
⚡️ Cybersecurity Developments in the Last 12 Hours ⚡️ 🚨 HPE warns of a critical OneView RCE (CVE-2025-37164) rated 10.0 that allows unauthenticated remote code execution across enterprise management platforms, prompting immediate upgrades or emergency hotfixes. 👾
@greytech_ltd
19 Dec 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We also now have a @metasploit exploit module in the pull queue for CVE-2025-37164... https://t.co/lFXfQ4I9Fw https://t.co/wqXqhf1wyM
@stephenfewer
19 Dec 2025
13112 Impressions
22 Retweets
140 Likes
62 Bookmarks
1 Reply
1 Quote
We just published our @rapid7 analysis of CVE-2025-37164 (h/t @the_emmons). Unauthenticated RCE against HPE OneView via an unauthenticated REST endpoint called executeCommand! Full details here: https://t.co/gyKwEjCsZ6
@stephenfewer
19 Dec 2025
10041 Impressions
23 Retweets
79 Likes
33 Bookmarks
0 Replies
0 Quotes
HPE OneView Hit by CVE-2025-37164 With CVSS 10.0 Severity #cybersecuritynews #cyashadotcom #INDvSA https://t.co/4XNx0nHyAa
@cyashadotcom
19 Dec 2025
100 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 HPE OneView RCE (CVE-2025-37164) — CVSS 10.0 Unauthenticated attackers could potentially execute code remotely on vulnerable OneView versions < 11.00. Apply the patch or hotfix ASAP (5.20–10.20). https://t.co/QKS2Chw76t #HPE #OneView #RCE #CVE #CyberSecurity #PatchNow
@vulert_official
19 Dec 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL: HPE OneView flaw (CVE-2025-37164) allows unauthenticated RCE across all versions <11.00. No active exploits, but risk is extreme—patch or apply hotfixes now! 🛡️ https://t.co/vlFmbjYx76 #OffSeq #HPE... https://t.co/0pjdKggYRb
@offseq
19 Dec 2025
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-37164, la #falla #RCE non autenticata in #HPE #OneView che può compromettere intere #infrastrutture #IT https://t.co/0F23hGCt7e #bug #Hewlett #Packard #Enterprise #HP #vulnerabilità #RemoteCodeExecution #CVE202537164
@redmountxyz
19 Dec 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 On 12/17/25, Hewlett Packard (#HP) Enterprise published an advisory for CVE-2025-37164, a vuln in HPE OneView. Assigned a CVSS score of 10.0, it facilitates unauth. RCE on versions of #OneView before 11.0. Hotfix analysis & more in the Rapid7 blog: https://t.co/YTcy
@rapid7
18 Dec 2025
2939 Impressions
5 Retweets
16 Likes
3 Bookmarks
0 Replies
0 Quotes
شرکت (HP) یک آسیبپذیری امنیتی حداکثری در نرمافزار OneView را برطرف کرده است که در صورت بهرهبرداری موفقیتآمیز میتواند منجر به اجرای کد از راه دور شود. ا
@Teeegra
18 Dec 2025
1102 Impressions
0 Retweets
9 Likes
0 Bookmarks
0 Replies
0 Quotes
Vulnerabilidad en HPE (Hewlett Packard Enterprise) OneView permite ejecución remota de código CVE-2025-37164, tiene una puntuación de gravedad CVSS de 10.0, lo que indica un riesgo crítico máximo https://t.co/m4NW6GcfA3 https://t.co/l9K21TxlAm
@elhackernet
18 Dec 2025
2111 Impressions
12 Retweets
13 Likes
3 Bookmarks
0 Replies
0 Quotes
HPE OneView patched a critical CVSS 10.0 RCE flaw (CVE-2025-37164) allowing unauthenticated access. Update ASAP! 🚨 https://t.co/1RbDQKbUwQ #HPEOneView #CyberSecurity #Vulnerability #RCE #CVE202537164
@0xT3chn0m4nc3r
18 Dec 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
INFRASTRUCTURE HIJACK: CVSS 10.0 Flaw in HPE OneView Allows Unauthenticated Remote Takeover (Mandatory Patch for CVE-2025-37164). Read the full report on - https://t.co/0Clom7IW1w https://t.co/MjLJ2FyQzF
@Iambivash007
18 Dec 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hewlett Packard Enterprise (HPE) has patched a maximum-severity OneView vulnerability (CVE-2025-37164) that enables attackers to execute arbitrary code remotely. https://t.co/F4z3J17wIM
@BleepinComputer
18 Dec 2025
7612 Impressions
33 Retweets
52 Likes
13 Bookmarks
0 Replies
0 Quotes
🚨🚨CVE-2025-37164 (CVSS 10.0): RCE in HPE OneView This vulnerability allows unauthenticated remote code execution in all versions prior to v11.00. Search by vul.cve Filter👉vul.cve="CVE-2025-37164" ZoomEye Dork👉app="HPE OneView" 138 exposed instances. ZoomEye Link: htt
@zoomeye_team
18 Dec 2025
3893 Impressions
13 Retweets
57 Likes
30 Bookmarks
0 Replies
0 Quotes
HPEの中核管理ソフトOneViewに、認証不要で遠隔から任意コードを実行できる致命的な欠陥が判明した(CVE-2025-37164)。侵入されればサーバーやストレージ、ネットワークを一括管理する中枢が掌握され、企業のデ
@yousukezan
18 Dec 2025
901 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
A severe vulnerability was disclosed for HPE OneView (CVE-2025-37164) https://t.co/exmUzmXGDO
@vuldb
17 Dec 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Upozorňujeme na kritickou zranitelnost v HPE OneView, CVE-2025-37164. Tato zranitelnost umožňuje vzdálenému, neautentizovanému útočníkovi spustit libovolný kód na postižených systémech. Útok je realizovatelný přes síť, nevyžaduje žádnou autentizaci ani
@GOVCERT_CZ
17 Dec 2025
372 Impressions
3 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-37164 Remote Code Execution Vulnerability in HPE OneView Management Software https://t.co/TYCLLbL9Wd
@VulmonFeeds
16 Dec 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 CVE-2025-37164 - Critical A remote code execution issue exists in HPE OneView. https://t.co/FcngslMCCI https://t.co/mqMAbNEtdS
@TheHackerWire
16 Dec 2025
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-37164: CRITICAL] A remote code execution issue exists in HPE OneView.#cve,CVE-2025-37164,#cybersecurity https://t.co/QejjNkpQog https://t.co/YIOmd8wvAQ
@CveFindCom
16 Dec 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes