CVE-2025-1978

EPSS 0.32%
Veröffentlicht 07.05.2026 08:05:42
Zuletzt bearbeitet 13.05.2026 19:15:52
Quelle hirt@hitachi.co.jp
CVE-Watchlists
Login
Unerledigt
Login

Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console

Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28.

This issue affects Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28  : before DKCMAIN Ver. 88-08-16-xx/00, SVP Ver. 88-08-18-xx/00, before DKCMAIN Ver. 93-07-26-xx/00, SVP Ver. 93-07-26-xx/00, before DKCMAIN Ver. A3-04-02-xx/00, MPC Ver. A3-04-02-xx/00, before DKCMAIN Ver. A3-03-41-xx/00, MPC Ver. A3-03-41-xx/00, before DKCMAIN Ver. A3-03-03-xx/00, MPC Ver. A3-03-03-xx/00.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 23 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hitachi ≫ Virtual Storage One Block Version23

Hitachi ≫ Virtual Storage One Block Version24

Hitachi ≫ Virtual Storage One Block Version26

Hitachi ≫ Virtual Storage One Block Version28

Hitachi ≫ Vsp G130 Firmware Version-

Hitachi ≫ Vsp G130 Version-

Hitachi ≫ Vsp G150 Firmware Version-

Hitachi ≫ Vsp G150 Version-

Hitachi ≫ Vsp G350 Firmware Version-

Hitachi ≫ Vsp G350 Version-

Hitachi ≫ Vsp G370 Firmware Version-

Hitachi ≫ Vsp G370 Version-

Hitachi ≫ Vsp G700 Firmware Version-

Hitachi ≫ Vsp G700 Version-

Hitachi ≫ Vsp G900 Firmware Version-

Hitachi ≫ Vsp G900 Version-

Hitachi ≫ Vsp F350 Firmware Version-

Hitachi ≫ Vsp F350 Version-

Hitachi ≫ Vsp F370 Firmware Version-

Hitachi ≫ Vsp F370 Version-

Hitachi ≫ Vsp F700 Firmware Version-

Hitachi ≫ Vsp F700 Version-

Hitachi ≫ Vsp F900 Firmware Version-

Hitachi ≫ Vsp F900 Version-

Hitachi ≫ Vsp E390 Firmware Version-

Hitachi ≫ Vsp E390 Version-

Hitachi ≫ Vsp E590 Firmware Version-

Hitachi ≫ Vsp E590 Version-

Hitachi ≫ Vsp E790 Firmware Version-

Hitachi ≫ Vsp E790 Version-

Hitachi ≫ Vsp E990 Firmware Version-

Hitachi ≫ Vsp E990 Version-

Hitachi ≫ Vsp E1090 Firmware Version-

Hitachi ≫ Vsp E1090 Version-

Hitachi ≫ Vsp E390h Firmware Version-

Hitachi ≫ Vsp E390h Version-

Hitachi ≫ Vsp E590h Firmware Version-

Hitachi ≫ Vsp E590h Version-

Hitachi ≫ Vsp E790h Firmware Version-

Hitachi ≫ Vsp E790h Version-

Hitachi ≫ Vsp E1090h Firmware Version-

Hitachi ≫ Vsp E1090h Version-

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.32%	0.549

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
hirt@hitachi.co.jp	8.3	3.9	3.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

https://www.hitachi.com/products/it/storage-solutions/sec_info/2026/2026_307.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-1978

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-1978

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-1978

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-1978