CVE-2025-0824 PUBLISHED

lack of validation for firmware update in Hitachi Virtual Storage

Assigner: Hitachi
Reserved: 29.01.2025 Published: 29.06.2026 Updated: 29.06.2026

Lack of validation for firmware update in Hitachi Hitachi Virtual Storage Platform One Block 23, 24, 26, 28.

This issue affects Hitachi Virtual Storage Platform One Block 23, 24, 26, 28: before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L
CVSS Score: 3.7

Product Status

Vendor Hitachi
Product Hitachi Virtual Storage Platform One Block 23, 24, 26, 28
Versions Default: unaffected
  • affected from 0 to DKCMAIN A3-04-21-40/00, ESM A3-04-21/00 (excl.)

References

Problem Types

  • CWE-347 Improper verification of cryptographic signature CWE

Impacts

  • CAPEC-473 Signature Spoof