HPE Warns of Critical StoreOnce Security Flaws

Hewlett Packard Enterprise has issued a security bulletin warning customers of eight vulnerabilities affecting its StoreOnce systems, including a critical authentication bypass flaw. StoreOnce is HPE’s disk-based backup and deduplication solution, widely used for data protection and storage efficiency. The company flagged the issues as significant, urging users to take immediate action to mitigate potential risks.

The most severe of the vulnerabilities could allow unauthorized access to systems, potentially exposing sensitive data. HPE has not disclosed whether the flaws have been exploited in the wild but emphasized the importance of patching affected systems without delay. The bulletin includes technical details and recommended remediation steps for customers.

HPE’s disclosure highlights the ongoing cybersecurity risks facing enterprise storage infrastructure. As threat actors increasingly target backup systems to disrupt operations or deploy ransomware, vendors and customers alike are under growing pressure to secure their environments. Users are advised to consult the bulletin for specific guidance.