CVE-2025-37164 - Vulnerability Details

Threat entity extracted from intelligence sources

Frequency
18
occurrences
First Seen
December 17, 2025
Last Seen
January 16, 2026

CVE-2025-37164 is a vulnerability tracked across 6 threat clusters and 18 intelligence report mentions on ThreatCluster. First observed December 17, 2025; most recent activity January 16, 2026.

Related Threat Clusters

  • HPE OneView Software Vulnerability Enables Remote Code Execution

    Hewlett Packard Enterprise (HPE) has addressed a critical vulnerability in its OneView software, identified as CVE-2025-37164, which allows attackers to execute arbitrary code remotely without authentication. This flaw…

    15 articles · Updated December 18, 2025
  • RondoDox Botnet Exploits HPE OneView Vulnerability

    The RondoDox botnet is exploiting a critical vulnerability in HPE OneView, identified as CVE-2025-37164, which allows for remote code execution. Check Point has reported large-scale automated attacks leveraging this…

    4 articles · Updated January 16, 2026
  • CISA Flags Critical HPE OneView Vulnerability as Actively Exploited

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified a critical vulnerability in HPE OneView, tracked as CVE-2025-37164, as being actively exploited in attacks. This flaw affects HPE's…

    19 articles · Updated January 8, 2026
  • RondoDox Botnet Launches Attacks Exploiting HPE OneView Vulnerability

    Check Point Research has identified a coordinated exploitation campaign by the RondoDox botnet targeting a critical vulnerability in HPE OneView, designated as CVE-2025-37164. This campaign marks a significant…

    1 article · Updated January 16, 2026
  • HPE Addresses Critical CVE-2025-37164 Flaw in IT Management Software

    Hewlett Packard Enterprise (HPE) has patched a critical security vulnerability tracked as CVE-2025-37164, which has a CVSS score of 10. This flaw allows unauthenticated remote attackers to execute arbitrary code, posing…

    2 articles · Updated December 18, 2025
  • Cyber Incident Affects French Interior Ministry Email Services

    French authorities confirmed a cyber incident impacting the email services of the Interior Ministry. The breach is under active investigation, with potential risks including account takeover, internal phishing, and data…

    1 article · Updated December 26, 2025

Recent Intelligence Reports

  • RondoDox botnet exploits critical HPE OneView bug — Theregister · January 16, 2026
  • RondoDox botnet linked to large — Theregister · January 16, 2026
  • RondoDox Botnet Targets HPE OneView Vulnerability in Exploitation Wave — Infosecurity-Magazine · January 16, 2026
  • Maximum Severity HPE OneView Flaw Exploited in the Wild — Darkreading · January 8, 2026
  • Active Exploitation of Critical HPE OneView RCE Flaw (CVE-2025-37164) — Aha · January 8, 2026
  • Max-severity HPE OneView bug added to CISA list of exploited flaws — Scworld · January 8, 2026
  • CISA Warns of Attacks on PowerPoint and HPE Vulnerabilities — Thecyberexpress · January 8, 2026
  • Recently fixed HPE OneView flaw is being exploited (CVE-2025-37164) — Feeds2.Feedburner · January 8, 2026

CVSS v3.1 Breakdown