Hitachi Virtual Storage Platform Vulnerabilities
Summary
CERT-Bund has issued a security advisory regarding critical vulnerabilities (CVSS 9.8) in Hitachi Virtual Storage Platform. The vulnerabilities allow for remote code execution and authentication bypass. Mitigation measures are available.
What changed
CERT-Bund has released a critical security advisory (WID-SEC-2026-0894) detailing multiple vulnerabilities in Hitachi Virtual Storage Platform (VSP). These vulnerabilities, with a CVSS Base Score of 9.8, can be exploited remotely to execute arbitrary code, bypass authentication, or perform other unspecified attacks. The advisory indicates that mitigation measures are available.
Organizations utilizing Hitachi VSP, particularly those running it on Windows or other unspecified operating systems, should immediately review the advisory and implement available mitigation strategies. Failure to address these critical vulnerabilities could lead to significant security breaches, including unauthorized access and control of sensitive data stored on the platform.
What to do next
- Review CERT-Bund advisory WID-SEC-2026-0894 for Hitachi Virtual Storage Platform vulnerabilities.
- Implement available mitigation measures to address remote code execution and authentication bypass risks.
- Assess the impact of vulnerabilities on systems running Hitachi VSP, especially on Windows.
Source document (simplified)
[WID-SEC-2026-0894] Hitachi Virtual Storage Platform: Mehrere Schwachstellen CVSS Base Score 9.8 (kritisch) CVSS Temporal Score 8.5 (hoch) Remoteangriff ja Datum 26.03.2026 Stand 27.03.2026 Mitigation ja
Betroffene Systeme
Betriebssystem
- Sonstiges
- Windows
Produktbeschreibung
Hitachi VSP ist eine Speicherlösung mit Virtualisierung.
Produkte
26.03.2026
- Hitachi Virtual Storage Platform
Angriff
Angriff
Ein Angreifer kann mehrere Schwachstellen in Hitachi Virtual Storage Platform ausnutzen, um beliebigen Code auszuführen, die Authentifizierung zu umgehen oder andere, nicht näher spezifizierte Angriffe durchzuführen. CVE Informationen Versionshistorie Feedback zum Advisory geben
Related changes
Source
Classification
Who this affects
Taxonomy
Browse Categories
Get Data Privacy & Cybersecurity alerts
Weekly digest. AI-summarized, no noise.
Free. Unsubscribe anytime.
Get alerts for this source
We'll email you when CERT-Bund Security Advisories publishes new changes.