CVE Catalog

CVE-2025-0824

LowCVSS 3.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.08%

0th percentile — higher than 0% of all known CVEs

Summary

Hitachi Virtual Storage Platform One Block 23, 24, 26, 28 lack firmware update validation. This issue affects versions before DKCMAIN A3-04-21-40/00 and ESM A3-04-21/00.

Risk Assessment

An attacker could install unauthorized or malicious firmware, potentially compromising system integrity, causing data loss, or gaining control over the device.

Recommendation

Immediately update the firmware to DKCMAIN A3-04-21-40/00 or later and ESM A3-04-21/00 or later, following the vendor's instructions.

Original NVD description (English source)

Lack of validation for firmware update in Hitachi Hitachi Virtual Storage Platform One Block 23, 24, 26, 28. This issue affects Hitachi Virtual Storage Platform One Block 23, 24, 26, 28: before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS