- Home
- Alerts & Advisories
- Alerts
- Critical Vulnerability in Hewlett Packard Enterprise StoreOnce Software
Critical Vulnerability in Hewlett Packard Enterprise StoreOnce Software
5 June 2025
Hewlett Packard Enterprise (HPE) has released security updates to address a critical vulnerability (CVE-2025-37093) impacting StoreOnce, its disk-based backup and deduplication solution.
Background
Hewlett Packard Enterprise (HPE) has released security updates to address a critical vulnerability (CVE-2025-37093) impacting StoreOnce, its disk-based backup and deduplication solution. The vulnerability has a Common Vulnerability Scoring System (CVSSv3.1) score of 9.8 out of 10.
Impact
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on victims’ systems in HPE StoreOnce Software.
Affected Products
This vulnerability affects all HPE StoreOnce Software versions prior to v4.3.11.
Mitigation
Users and administrators of affected products are advised to update to the latest versions.
References
https://nvd.nist.gov/vuln/detail/CVE-2025-37093
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbst04847en_us&docLocale=en_US