CVE-2025-65115
Published: 07 April 2026
Summary
CVE-2025-65115 is a high-severity External Control of File Name or Path (CWE-73) vulnerability in Hitachi (inferred from references). Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 25.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-7 (Boundary Protection) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mandates identification, reporting, and timely remediation of software flaws like this RCE vulnerability through application of Hitachi's specified patches.
Monitors and controls communications at system boundaries to block unauthorized remote network access to vulnerable JP1 Desktop Management services, countering AV:N/AC:L.
Enforces least privilege to minimize the scope and impact of remote code execution even when low-privilege (PR:L) access is exploited.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Direct remote code execution over the network on a management application component (AV:N, PR:L) matches exploitation of public-facing or remotely accessible services.
NVD Description
Remote Code Execution Vulnerability in JP1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management 2 - Operations Director on Windows, Job Management Partner 1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management - Manager on Windows,…
more
Job Management Partner 1/IT Desktop Management - Manager on Windows, JP1/NETM/DM Manager on Windows, JP1/NETM/DM Client on Windows, Job Management Partner 1/Software Distribution Manager on Windows, Job Management Partner 1/Software Distribution Client on Windows.This issue affects JP1/IT Desktop Management 2 - Manager: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; JP1/IT Desktop Management 2 - Operations Director: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; Job Management Partner 1/IT Desktop Management 2 - Manager: from 10-50 through 10-50-11; JP1/IT Desktop Management - Manager: from 09-50 through 10-10-16; Job Management Partner 1/IT Desktop Management - Manager: from 09-50 through 10-10-16; JP1/NETM/DM Manager: from 09-00 through 10-20-02; JP1/NETM/DM Client: from 09-00 through 10-20-02; Job Management Partner 1/Software Distribution Manager: from 09-00 through 09-51-13; Job Management Partner 1/Software Distribution Client: from 09-00 through 09-51-13.
Deeper analysisAI
CVE-2025-65115 is a remote code execution vulnerability (CWE-73) affecting multiple JP1/IT Desktop Management products on Windows, including JP1/IT Desktop Management 2 - Manager and JP1/IT Desktop Management 2 - Operations Director. Vulnerable versions of JP1/IT Desktop Management 2 - Manager span from 13-50 before 13-50-02, 13-11 before 13-11-04, 13-10 before 13-10-07, 13-01 before 13-01-07, 13-00 before 13-00-05, 12-60 before 12-60-12, and 10-50 through 12-50-11. The same ranges apply to JP1/IT Desktop Management 2 - Operations Director, while legacy products such as Job Management Partner 1/IT Desktop Management 2 - Manager (10-50 through 10-50-11), JP1/IT Desktop Management - Manager and Job Management Partner 1/IT Desktop Management - Manager (09-50 through 10-10-16), JP1/NETM/DM Manager and Client (09-00 through 10-20-02), and Job Management Partner 1/Software Distribution Manager and Client (09-00 through 09-51-13) are also impacted.
The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). A remote attacker with low privileges can exploit it over the network with low attack complexity and without requiring user interaction. Successful exploitation enables high-impact outcomes, including unauthorized remote code execution with high effects on confidentiality, integrity, and availability.
Hitachi's security advisory (https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2026-118/index.html) addresses the issue, with mitigation achieved by updating to patched versions beyond the specified vulnerable ranges, such as 13-50-02 or later for JP1/IT Desktop Management 2 - Manager.
Details
- CWE(s)