Cyber Resilience

CVE-2025-0976

Medium

Published: 25 February 2026

Published
25 February 2026
Modified
27 February 2026
KEV Added
Patch
CVSS Score v3.1 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0004 11.9th percentile
Risk Priority 9 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-0976 is a medium-severity Insertion of Sensitive Information into Log File (CWE-532) vulnerability in Hitachi Configuration Manager. Its CVSS base score is 4.7 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005); ranked at the 11.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 PE-19 (Information Leakage) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-0976 is an information exposure vulnerability (CWE-532) in Hitachi Ops Center API Configuration Manager and Hitachi Configuration Manager. It affects Hitachi Ops Center API Configuration Manager versions from 10.0.0-00 before 11.0.4-00 and Hitachi Configuration Manager versions from 8.6.1-00 before 11.0.5-00. The vulnerability was published on 2026-02-25T05:17:13.900 and carries a CVSS v3.1 base score of 4.7 (Medium: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N).

Exploitation requires a local attacker with low privileges to perform actions under high attack complexity, with no user interaction needed and no scope change. Successful attacks result in high confidentiality impact through exposure of sensitive information, with no impact on integrity or availability.

The Hitachi security advisory (https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2026-110/index.html) details the issue. Mitigation requires upgrading to Hitachi Ops Center API Configuration Manager 11.0.4-00 or later and Hitachi Configuration Manager 11.0.5-00 or later.

EU & UK References

Vulnerability details

Information Exposure Vulnerability in Hitachi Ops Center API Configuration Manager, Hitachi Configuration Manager.This issue affects Hitachi Ops Center API Configuration Manager: from 10.0.0-00 before 11.0.4-00; Hitachi Configuration Manager: from 8.6.1-00 before 11.0.5-00.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1005 Data from Local System Collection
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Why these techniques?

Local information exposure vulnerability (CWE-532) directly enables collection of sensitive data from system files/logs.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-24984Same vendor: Microsoft
CVE-2025-14974Same product: Linux Linux Kernel
CVE-2024-7577Same product: Linux Linux Kernel
CVE-2026-0905Same product: Linux Linux Kernel
CVE-2024-54171Same product: Linux Linux Kernel
CVE-2024-49781Same product: Linux Linux Kernel
CVE-2024-57911Same product: Linux Linux Kernel
CVE-2024-57910Same product: Linux Linux Kernel
CVE-2024-57912Same product: Linux Linux Kernel
CVE-2025-71201Same product: Linux Linux Kernel

Affected Assets

hitachi
configuration manager
≤ 8.6.1-00 · 8.6.1-00 — 11.0.5-00
hitachi
ops center api configuration manager
10.0.0-00 — 11.0.4-00

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires timely remediation of software flaws such as the information-exposure defect fixed by upgrading to the patched Hitachi versions.

prevent

Explicitly mandates controls to stop sensitive information from leaking to unauthorized local users, matching the CWE-532 exposure in configuration-manager logs/files.

prevent

Enforces least-privilege restrictions on local accounts, limiting the attacker's ability to reach the exposed sensitive data even if the flaw remains.

References