Skip to main content

Hitachi Virtual Storage Platform One Block 24

1 CVEs product

Monthly

CVE-2025-9661 HIGH This Week

Remote command injection in Hitachi Virtual Storage Platform One Block versions 23, 24, 26, and 28 allows unauthenticated attackers to execute arbitrary OS commands through the management GUI maintenance utility. The vulnerability affects the DKCMAIN and ESM components prior to versions A3-04-21-40/00 and A3-04-21/00 respectively. With CVSS 8.1 (High) and network attack vector, this represents significant risk to enterprise storage infrastructure, though AC:H indicates exploitation requires specialized conditions. No active exploitation confirmed (not in CISA KEV) and EPSS data not available at time of analysis.

Command Injection Hitachi Virtual Storage Platform One Block 23 Hitachi Virtual Storage Platform One Block 24 Hitachi Virtual Storage Platform One Block 26 Hitachi Virtual Storage Platform One Block 28
NVD VulDB
CVSS 3.1
8.1
EPSS
0.1%
EPSS 0% CVSS 8.1
HIGH This Week

Remote command injection in Hitachi Virtual Storage Platform One Block versions 23, 24, 26, and 28 allows unauthenticated attackers to execute arbitrary OS commands through the management GUI maintenance utility. The vulnerability affects the DKCMAIN and ESM components prior to versions A3-04-21-40/00 and A3-04-21/00 respectively. With CVSS 8.1 (High) and network attack vector, this represents significant risk to enterprise storage infrastructure, though AC:H indicates exploitation requires specialized conditions. No active exploitation confirmed (not in CISA KEV) and EPSS data not available at time of analysis.

Command Injection Hitachi Virtual Storage Platform One Block 23 Hitachi Virtual Storage Platform One Block 24 +2
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy