The bug in HPE SIM makes it easy as pie for attackers to remotely trigger code, no user interaction necessary.
Threatpost