Patch Now: Active Exploitation Underway for Critical HPE OneView Vulnerability
Executive Summary Check Point Research identified active, large-scale exploitation of CVE-2025-37164, a critical remote code execution vulnerability affecting HPE OneView. The exploitation campaign is attributed to the RondoDox botnet and escalated rapidly to tens of thousands of automated attack attempts. Check Point blocked tens of thousands of exploitation attempts through its security infrastructure, highlighting both the severity of the risk and the importance of layered defenses. Check Point reported the active exploitation to CISA on January 7, 2026, and the vulnerability was added to the Known Exploited Vulnerabilities KEV catalog the same day. Organizations running HPE OneView should patch immediately […]
The post Patch Now: Active Exploitation Underway for Critical HPE OneView Vulnerability appeared first on Check Point Blog.
目录
最新
- Unzipping the Threat: How to Block Malware Hidden in Password-Protected ZIP Files
- Securing Your AI Transformation: How Check Point Is Helping Security Teams Keep Control in an AI-First World
- Love Is in the Air — and So Are Scammers: Valentine’s Day 2026 Threats to Watch For
- WAF Security Test Results 2026: Why Prevention-First Matters More Than Ever
- Global Cyber Attacks Rise in January 2026 Amid Increasing Ransomware Activity and Expanding GenAI Risks
- From Solo to Squad: The Evolution of Cyber Security Training in the AI Era
- SaaS Abuse at Scale: Phone-Based Scam Campaign Leveraging Trusted Platforms
- Amaranth-Dragon: Targeted Cyber Espionage Campaigns Across Southeast Asia