CVE-2025-65115
April 7, 2026, 1:20 p.m.
8.8
High
Description
Remote Code Execution Vulnerability in JP1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management 2 - Operations Director on Windows, Job Management Partner 1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management - Manager on Windows, Job Management Partner 1/IT Desktop Management - Manager on Windows, JP1/NETM/DM Manager on Windows, JP1/NETM/DM Client on Windows, Job Management Partner 1/Software Distribution Manager on Windows, Job Management Partner 1/Software Distribution Client on Windows.This issue affects JP1/IT Desktop Management 2 - Manager: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; JP1/IT Desktop Management 2 - Operations Director: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; Job Management Partner 1/IT Desktop Management 2 - Manager: from 10-50 through 10-50-11; JP1/IT Desktop Management - Manager: from 09-50 through 10-10-16; Job Management Partner 1/IT Desktop Management - Manager: from 09-50 through 10-10-16; JP1/NETM/DM Manager: from 09-00 through 10-20-02; JP1/NETM/DM Client: from 09-00 through 10-20-02; Job Management Partner 1/Software Distribution Manager: from 09-00 through 09-51-13; Job Management Partner 1/Software Distribution Client: from 09-00 through 09-51-13.
Product(s) Impacted
| Vendor | Product | Versions |
|---|---|---|
| Hitachi |
|
|
Weaknesses
Common security weaknesses mapped to this vulnerability.
CWE-73
External Control of File Name or Path
The product allows user input to control or influence paths or file names that are used in filesystem operations.
*CPE(s)
Affected systems and software identified for this CVE.
| Type | Vendor | Product | Version | Update | Edition | Language | Software Edition | Target Software | Target Hardware | Other Information |
|---|---|---|---|---|---|---|---|---|---|---|
| a | hitachi | jp1_it_desktop_management_2_manager | <10.0-13.50.01> | / | / | / | / | / | / | / |
| a | hitachi | jp1_it_desktop_management_2_operations_director | <10.0-13.50.01> | / | / | / | / | / | / | / |
| a | hitachi | job_management_partner_1_it_desktop_management_2_manager | <10.0-10.50.11> | / | / | / | / | / | / | / |
| a | hitachi | jp1_it_desktop_management_manager | <09.0-10.10.16> | / | / | / | / | / | / | / |
| a | hitachi | jp1_netm_dm_manager | <09.0-10.20.02> | / | / | / | / | / | / | / |
| a | hitachi | jp1_netm_dm_client | <09.0-10.20.02> | / | / | / | / | / | / | / |
| a | hitachi | job_management_partner_1_software_distribution_manager | <09.0-09.51.13> | / | / | / | / | / | / | / |
| a | hitachi | job_management_partner_1_software_distribution_client | <09.0-09.51.13> | / | / | / | / | / | / | / |
Tags
CVSS Score
CVSS Data - 3.1
- Attack Vector: NETWORK
- Attack Complexity: LOW
- Privileges Required: LOW
- Scope: UNCHANGED
- Confidentiality Impact: HIGH
- Integrity Impact: HIGH
- Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Timeline
Published: April 7, 2026, 6:16 a.m.
Last Modified: April 7, 2026, 1:20 p.m.
Last Modified: April 7, 2026, 1:20 p.m.
Status : Undergoing Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.