CVE-2025-1978

{"id": "CVE-2025-1978", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "hirt@hitachi.co.jp", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2026-05-07T09:16:26.017", "references": [{"url": "https://www.hitachi.com/products/it/storage-solutions/sec_info/2026/2026_307.html", "tags": ["Vendor Advisory"], "source": "hirt@hitachi.co.jp"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "hirt@hitachi.co.jp", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28.\n\nThis issue affects Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900,\u00a0Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28\u00a0 : before DKCMAIN Ver. 88-08-16-xx/00, SVP Ver. 88-08-18-xx/00, before DKCMAIN Ver. 93-07-26-xx/00, SVP Ver. 93-07-26-xx/00, before DKCMAIN Ver. A3-04-02-xx/00, MPC Ver. A3-04-02-xx/00, before DKCMAIN Ver. A3-03-41-xx/00, MPC Ver. A3-03-41-xx/00, before DKCMAIN Ver. A3-03-03-xx/00, MPC Ver. A3-03-03-xx/00."}], "lastModified": "2026-05-13T19:15:52.813", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hitachi:virtual_storage_one_block:23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46788D83-153E-42CF-ACA5-09506AA45D54"}, {"criteria": "cpe:2.3:a:hitachi:virtual_storage_one_block:24:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC7E00FD-2148-457B-B91A-FDB575DF8DF7"}, {"criteria": "cpe:2.3:a:hitachi:virtual_storage_one_block:26:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04B799D3-FCF2-4832-8E5D-65D5BE53F47D"}, {"criteria": "cpe:2.3:a:hitachi:virtual_storage_one_block:28:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC55432F-8451-4859-A01A-946C26A793C6"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_g130_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5B2BAC8-57F6-46ED-94DA-8736AD883AA0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_g130:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "13116ECB-AFB9-4B48-B17E-188D6DA59E9F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_g150_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1885D369-A410-4713-8C6C-995983A41BFD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_g150:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "77D64FA2-123C-4FBB-B75A-34A927386B37"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_g350_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A731027-8E2B-40BA-B9C4-4947C142E21E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_g350:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E10C0C39-452D-4B45-BA08-AFA8A3C4865E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_g370_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11C63C8F-CD8D-4160-A235-956E555BF76A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_g370:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9365C651-1AFD-421A-94A4-F2E5C9E4CBE8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_g700_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "088FA23C-DA5D-4D18-B2B6-C08A69EBF5D4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_g700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "928EC0AA-5867-4645-BEFC-CC6EC1BE5DEF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_g900_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50875AE9-8891-4663-BB57-9AF24CB886D5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_g900:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2D67068E-7CA2-4812-9CA0-93D9389DB76D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_f350_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A90D4875-79A3-467D-8FBB-4428A8703A0E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_f350:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "59B2F16C-7D50-4BEC-B717-EE3A886A0712"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_f370_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "745CE69F-A6CB-48D7-AE24-8640D591022A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_f370:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "93C18A8C-A147-4F12-BE47-0B7B07D4BFCF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_f700_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0806117B-A5DB-46DB-8A5E-D3047623ED08"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_f700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "93387AB9-C1B7-4FDD-B345-1C31631366FC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_f900_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F895ACC-9540-4DB7-B26B-1A7FB1077960"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_f900:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6C67FD48-706E-42A6-9CBD-32593235A147"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_e390_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "333C7015-B0FA-4D84-B607-99C801F54281"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_e390:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D272EC8F-F41C-4B87-8118-C73C5062740C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_e590_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F87EBA56-897B-4C3C-BD0F-AE3C3331E210"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_e590:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1D88EFBC-994A-4C81-9124-1D9870D98B3C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_e790_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45599576-C4EA-4C35-9132-92E6598589BC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_e790:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EB5CC5CB-BA37-42F8-BBF3-01893FE6E2EF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_e990_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2665F867-8B74-466A-ACF2-4CAD8FE1CE5F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_e990:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F0B3C71F-509C-4989-B0A6-830128981383"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_e1090_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A91279B0-FE94-41EB-88FA-93535516710A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_e1090:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "48C3F68C-5955-472A-BD2A-0FFD50D72023"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_e390h_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE4CE9A8-021D-4FC3-AC8E-DC2F223794AD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_e390h:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4F4254AD-3C05-413B-BA37-0DC2E77A76FE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_e590h_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C28D063C-5D77-4D5D-8FD1-AF1ADCC285E2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_e590h:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "31F5975B-1BEE-4EC8-BF6D-AC1484BE50EE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_e790h_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3EFAB78-1BDE-440D-9ADB-CB17383B56B8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_e790h:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "01F7CC2E-22C8-4C16-ADF2-413849FAEDF0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hitachi:vsp_e1090h_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B59EE4DC-4C14-4D25-ACA0-72CD5D436F02"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hitachi:vsp_e1090h:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4AAB6AB8-F9A6-4F2F-8ABB-ACE15CA90DC6"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "hirt@hitachi.co.jp"}