* Last update: 03/06/2025
* Affected software:
→ HPE StoreOnce VSA - Prior to v4.3.11
* Type: Improper Authentication, Command Injection, Path Traversal, Server-Side Request Forgery (SSRF)
* CVE/CVSS:
CVE-2025-37093: CVSS 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVE-2025-37096: CVSS 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
CVE-2025-37092: CVSS 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
CVE-2025-37091: CVSS 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
CVE-2025-37089: CVSS 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
CVE-2025-37094: CVSS 5.5 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H)
CVE-2025-37090: CVSS 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVE-2025-37095: CVSS 4.9 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)
Hewlett Packard - https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbst04847en_us
HPE StoreOnce Software is part of Hewlett Packard Enterprise's data protection, backup and recovery solution. These vulnerabilities could be exploited remotely to achieve remote code execution, information disclosure, server-side request forgery, authentication bypass, arbitrary file deletion, and information disclosure via directory traversal.
Exploiting these flaws could provide threat actors access to sensitive backup data and control over recovery systems, severely compromising confidentiality, integrity, and availability.
Exploitation of vulnerabilities in Hewlett Packard Enterprise StoreOnce allows remote attackers to:
• Bypass authentication (CVE-2025-37093)
• Execute arbitrary code remotely (CVE-2025-37096, CVE-2025-37092, CVE-2025-37091 and CVE-2025-37089)
• Delete or disclose sensitive files via directory traversal (CVE-2025-37094 and CVE-2025-37095)
• Perform Server-Side Request Forgery (SSRF) to send unauthorized requests to internal or external systems (CVE-2025-37090)
Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.
Monitor/Detect
The CCB recommends that organizations scale up their monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via: https://ccb.belgium.be/cert/report-incident.
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.
NIST
• https://nvd.nist.gov/vuln/detail/CVE-2025-37093
• https://nvd.nist.gov/vuln/detail/CVE-2025-37096
• https://nvd.nist.gov/vuln/detail/CVE-2025-37092
• https://nvd.nist.gov/vuln/detail/CVE-2025-37091
• https://nvd.nist.gov/vuln/detail/CVE-2025-37089
• https://nvd.nist.gov/vuln/detail/CVE-2025-37094
• https://nvd.nist.gov/vuln/detail/CVE-2025-37090
• https://nvd.nist.gov/vuln/detail/CVE-2025-37095