CISA Adds Actively Exploited Microsoft Office and HPE OneView Vulnerabilities to KEV Catalog
Summary
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities affecting Microsoft Office and HPE OneView to its Known Exploited Vulnerabilities (KEV) catalog, indicating active exploitation. The vulnerabilities include CVE-2009-0556 in Microsoft Office PowerPoint and CVE-2025-37164 in HPE OneView. The flaws allow for remote code execution and memory corruption. CISA urges federal agencies to apply patches by January 28, 2026, to mitigate risks. A proof-of-concept (PoC) exploit for CVE-2025-37164 has been publicly released, increasing the risk of exploitation.
Timeline
- 08.01.2026 06:52 · 1 article
CISA Adds Actively Exploited Microsoft Office and HPE OneView Vulnerabilities to KEV Catalog
On January 8, 2026, CISA added two vulnerabilities, CVE-2009-0556 in Microsoft Office PowerPoint and CVE-2025-37164 in HPE OneView, to its KEV catalog due to evidence of active exploitation. A PoC exploit for CVE-2025-37164 was released on December 23, 2025, increasing the risk of exploitation. Federal agencies are urged to apply patches by January 28, 2026.
- CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited — thehackernews.com — 08.01.2026 06:52
Information Snippets
- CVE-2009-0556 is a code injection vulnerability in Microsoft Office PowerPoint with a CVSS score of 8.8, allowing remote attackers to execute arbitrary code via memory corruption.
First reported: 08.01.2026 06:52 · 1 source, 1 article
- CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited — thehackernews.com — 08.01.2026 06:52
- CVE-2025-37164 is a code injection vulnerability in HPE OneView with a CVSS score of 10.0, enabling remote unauthenticated users to perform remote code execution.
First reported: 08.01.2026 06:52 · 1 source, 1 article
- CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited — thehackernews.com — 08.01.2026 06:52
- HPE released hotfixes for OneView versions 5.20 through 10 to address CVE-2025-37164, which affects all versions prior to 11.00.
First reported: 08.01.2026 06:52 · 1 source, 1 article
- CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited — thehackernews.com — 08.01.2026 06:52
- A proof-of-concept (PoC) exploit for CVE-2025-37164 was released on December 23, 2025, by eSentire, increasing the risk of exploitation.
First reported: 08.01.2026 06:52 · 1 source, 1 article
- CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited — thehackernews.com — 08.01.2026 06:52
- Federal Civilian Executive Branch (FCEB) agencies are advised to apply patches by January 28, 2026, to secure their networks against active threats.
First reported: 08.01.2026 06:52 · 1 source, 1 article
- CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited — thehackernews.com — 08.01.2026 06:52
Similar Happenings
Critical RCE flaw in HPE OneView software actively exploited
Hewlett Packard Enterprise (HPE) has patched a maximum-severity remote code execution (RCE) vulnerability (CVE-2025-37164) in its OneView software, which has a CVSS score of 10.0. The flaw affects all versions before v11.00 and can be exploited by unauthenticated attackers in low-complexity attacks. The vulnerability was reported by Vietnamese security researcher Nguyen Quoc Khanh (brocked200). HPE advises immediate patching, as there are no workarounds or mitigations available. HPE has not confirmed whether the vulnerability has been exploited in attacks. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged the flaw as actively exploited in attacks and has given Federal Civilian Executive Branch (FCEB) agencies three weeks to secure their systems by January 28th. CISA encourages all organizations, including those in the private sector, to patch their devices against this actively exploited flaw as soon as possible. HPE OneView is IT infrastructure management software that streamlines IT operations and controls all systems via a centralized dashboard interface. The hotfix must be reapplied after upgrading from version 6.60 or later to version 7.00.00, or after any HPE Synergy Composer reimaging operations. Separate hotfixes are available for the OneView virtual appliance and Synergy Composer2.