VENOM Vulnerability - CVE-2015-3456


On May 13, 2015, a vulnerability was announced in the virtual floppy drive code used by many virtualization platforms. Exploitation of this vulnerability could allow an attacker to escape from the affected Virtual Machine (VM) guest and potentially execute code on the host. Additional information about the VENOM vulnerability is available on the NIST web site CVE-2015-3456 non-HP site.


HP takes security vulnerabilities seriously and works collaboratively through organizations like the Information Technology Information Sharing & Analysis Center (IT-ISAC), government agencies and industry partners to share information about the vulnerabilities and how to effectively address them. HP consistently employs security controls and procedures to protect against attacks that target our systems and networks.


What can you do?

Get the latest information regarding potential impact on Enterprise Products

Please visit this HP Support Center page and click the blue “Search” button.


Subscribe to HP Security Bulletins

You may subscribe to receive alerts for HP Security Bulletins published for impacted products.

Resources