Hewlett Packard Enterprise (HPE) has disclosed a zero-day bug in its proprietary HPE Systems Insight Manager (SIM) software for Windows and Linux. The vulnerability results from the lack of proper validation of user-supplied data that can result in the deserialization of untrusted data making it possible for an attacker to leverage it to execute code on servers running vulnerable software. While security updates are not yet available for this remote code execution (RCE) vulnerability, HPE has provided Windows mitigation info.
Source: https://www.bleepingcomputer.com/news/security/hpe-discloses-critical-zero-day-in-server-management-software/