CVE-2025-27523

XXE vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows.This issue affects JP1/IT Desktop Management 2 - Smart Device Manager: from 12-00 before 12-00-08, from 11-10 through 11-10-08, from 11-00 through 11-00-05, from 10-50 through 10-50-06.

CVSS v3 8.7 HIGH

8.7^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 5.8

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-115/index.html

Configurations

No configuration.

History

16 May 2025, 14:43

Type	Values Removed	Values Added
Summary		(es) Vulnerabilidad XXE en Hitachi JP1/IT Desktop Management 2 - Smart Device Manager en Windows. Este problema afecta a JP1/IT Desktop Management 2 - Smart Device Manager: desde las 12:00 hasta las 12:00-08, desde las 11:10 hasta las 11:10-08, desde las 11:00 hasta las 11:00-05, desde las 10:50 hasta las 10:50-06.

15 May 2025, 07:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-15 07:15

Updated : 2025-05-16 14:43

NVD link : CVE-2025-27523

Mitre link : CVE-2025-27523

CVE.ORG link : CVE-2025-27523

JSON object : View

Products Affected

No product.

CWE

CWE-611

Improper Restriction of XML External Entity Reference

8.7 /10