
The inclusion underscores that both legacy office software and modern data‑center tools are still attractive targets, forcing enterprises to accelerate patch cycles and reassess asset inventories.
The Cybersecurity and Infrastructure Security Agency (CISA) maintains the Known Exploited Vulnerabilities (KEV) catalog to flag flaws that adversaries are actively weaponizing. Adding older bugs like the 2009 PowerPoint issue alongside brand‑new high‑severity flaws reflects a broader trend: threat actors continue to mine legacy code for easy entry points, while modern infrastructure platforms present lucrative, high‑impact targets. By publishing the KEV list, CISA provides a prioritized roadmap for IT teams, helping them focus limited resources on vulnerabilities most likely to be leveraged in the wild.
HPE OneView’s CVE‑2025‑37164 exemplifies the danger of unpatched code in critical data‑center management stacks. Rated a perfect 10.0, the vulnerability permits unauthenticated remote code execution, and Rapid7’s proof‑of‑concept demonstrates a straightforward exploitation path. The vendor’s advisory recommends a hotfix covering versions 5.20 through 10.20, yet the Rapid7 analysis suggests that only specific OneView for VMs releases may be vulnerable. Organizations running HPE OneView should verify their version, apply the patch immediately, and monitor for any Metasploit‑based activity, as the public module lowers the barrier for less‑skilled attackers.
The PowerPoint CVE‑2009‑0556 case serves as a cautionary tale for legacy software stewardship. Although Microsoft issued a fix in 2009, many enterprises still host archived Office installations for compatibility, leaving them exposed to a memory‑corruption exploit that can grant full system control. The vulnerability’s continued presence in the KEV catalog signals that attackers still target outdated office suites, especially in environments with privileged users. Companies should decommission unsupported PowerPoint versions, enforce least‑privilege policies, and ensure that any residual files are scanned for malicious payloads. Together, these incidents highlight the need for continuous vulnerability management across both new and legacy technology stacks.
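The version check and legacy-software review described in the two paragraphs above can be run as a triage pass over an asset inventory. This is an added Python example, not code from CISA, HPE or Rapid7. The KEV records are cut down to three fields with constructed values, the inventory hosts and installed versions are invented, and the dotted-numeric comparison of OneView versions is an assumption; only the CVE IDs and the 5.20 through 10.20 hotfix range come from the article.

```python
# Constructed sample data: KEV-style records reduced to three fields, and a
# hypothetical asset inventory. Host names and installed versions are invented.
KEV = [
    {"cveID": "CVE-2025-37164", "vendorProject": "HPE", "product": "OneView"},
    {"cveID": "CVE-2009-0556", "vendorProject": "Microsoft", "product": "PowerPoint"},
]
# Inclusive range the article attributes to the vendor hotfix advisory.
# The article gives no range for PowerPoint, so any install goes to review.
HOTFIX_RANGES = {"CVE-2025-37164": ("5.20", "10.20")}

INVENTORY = [
    {"host": "dc-mgmt-01", "product": "OneView", "version": "9.10"},
    {"host": "dc-mgmt-02", "product": "OneView", "version": "11.00"},
    {"host": "archive-ws-7", "product": "PowerPoint", "version": "2003"},
    {"host": "build-04", "product": "nginx", "version": "1.24"},
]

def vkey(version):
    """Parse '10.20' into (10, 20); as plain strings '10.20' sorts below '5.20'."""
    return tuple(int(part) for part in version.split("."))

def triage(inventory, kev, ranges):
    """Return (host, cveID, status) for every asset running a KEV-listed product."""
    by_product = {}
    for rec in kev:
        by_product.setdefault(rec["product"].lower(), []).append(rec)
    findings = []
    for asset in inventory:
        for rec in by_product.get(asset["product"].lower(), []):
            rng = ranges.get(rec["cveID"])
            if rng is None:
                status = "review"            # no range known: a human decides
            elif vkey(rng[0]) <= vkey(asset["version"]) <= vkey(rng[1]):
                status = "in-hotfix-range"   # apply the vendor hotfix
            else:
                status = "outside-range"     # still confirm against the advisory
            findings.append((asset["host"], rec["cveID"], status))
    return findings

if __name__ == "__main__":
    for host, cve, status in triage(INVENTORY, KEV, HOTFIX_RANGES):
        print(f"{host:14} {cve:15} {status}")
```

An `outside-range` result is a prompt to confirm against the vendor advisory rather than a clean bill of health, since the article notes that the advisory and the Rapid7 analysis differ on which releases are affected.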