CVE-2025-9661 | THREATINT

Description

OS command injection vulneravility in the management gui (maintenance utility) of Hitachi Virtual Storage Platform One Block 23, 24, 26 and 28. This issue affects Hitachi Virtual Storage Platform One Block 23/24/26/28: before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00.

PUBLISHED Reserved 2025-08-29 | Published 2026-05-07 | Updated 2026-05-07 | Assigner Hitachi

HIGH: 8.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-78 Improper neutralization of special elements used in an OS command ('OS command injection')

Product status

Default status

unaffected

Any version before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00

affected

Default status

unaffected

Any version before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00

affected

Default status

unaffected

Any version before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00

affected

Default status

unaffected

Any version before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00

affected

References

www.hitachi.com/...age-solutions/sec_info/2026/2026_309.html

cve.org (CVE-2025-9661)

nvd.nist.gov (CVE-2025-9661)

Download JSON

help @ threatint.eu