Is CVE-2020-7136 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Hewlett Packard Enterprise Smart Update Manager (Sum)

CVE-2020-7136

A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (…

EPSS: 0.633 (98.4th percentile) — read the EPSS interpretation.

Affected products

Hewlett Packard Enterprise Smart Update Manager (Sum) — versions Prior to v8.5.6

Public proof-of-concept exploits

20142995/nuclei-templates
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates

References

support.hpe.com/hpsc/doc/public/display (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2020-7136?: CVE-2020-7136 is a vulnerability in Hewlett Packard Enterprise Smart Update Manager (Sum). Published 2020-04-30.
Is CVE-2020-7136 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.