Cyber Resilience

CVE-2025-65115

High

Published: 07 April 2026

Published
07 April 2026
Modified
07 April 2026
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0061 44.7th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2025-65115 is a high-severity External Control of File Name or Path (CWE-73) vulnerability in Hitachi (inferred from references). Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 44.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-7 (Boundary Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-65115 is a remote code execution vulnerability (CWE-73) affecting multiple JP1/IT Desktop Management products on Windows, including JP1/IT Desktop Management 2 - Manager and JP1/IT Desktop Management 2 - Operations Director. Vulnerable versions of JP1/IT Desktop Management 2 - Manager span from 13-50 before 13-50-02, 13-11 before 13-11-04, 13-10 before 13-10-07, 13-01 before 13-01-07, 13-00 before 13-00-05, 12-60 before 12-60-12, and 10-50 through 12-50-11. The same ranges apply to JP1/IT Desktop Management 2 - Operations Director, while legacy products such as Job Management Partner 1/IT Desktop Management 2 - Manager (10-50 through 10-50-11), JP1/IT Desktop Management - Manager and Job Management Partner 1/IT Desktop Management - Manager (09-50 through 10-10-16), JP1/NETM/DM Manager and Client (09-00 through 10-20-02), and Job Management Partner 1/Software Distribution Manager and Client (09-00 through 09-51-13) are also impacted.

The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). A remote attacker with low privileges can exploit it over the network with low attack complexity and without requiring user interaction. Successful exploitation enables high-impact outcomes, including unauthorized remote code execution with high effects on confidentiality, integrity, and availability.

Hitachi's security advisory (https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2026-118/index.html) addresses the issue, with mitigation achieved by updating to patched versions beyond the specified vulnerable ranges, such as 13-50-02 or later for JP1/IT Desktop Management 2 - Manager.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Remote Code Execution Vulnerability in JP1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management 2 - Operations Director on Windows, Job Management Partner 1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management - Manager on Windows,…

more

Job Management Partner 1/IT Desktop Management - Manager on Windows, JP1/NETM/DM Manager on Windows, JP1/NETM/DM Client on Windows, Job Management Partner 1/Software Distribution Manager on Windows, Job Management Partner 1/Software Distribution Client on Windows.This issue affects JP1/IT Desktop Management 2 - Manager: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; JP1/IT Desktop Management 2 - Operations Director: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; Job Management Partner 1/IT Desktop Management 2 - Manager: from 10-50 through 10-50-11; JP1/IT Desktop Management - Manager: from 09-50 through 10-10-16; Job Management Partner 1/IT Desktop Management - Manager: from 09-50 through 10-10-16; JP1/NETM/DM Manager: from 09-00 through 10-20-02; JP1/NETM/DM Client: from 09-00 through 10-20-02; Job Management Partner 1/Software Distribution Manager: from 09-00 through 09-51-13; Job Management Partner 1/Software Distribution Client: from 09-00 through 09-51-13.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Direct remote code execution over the network on a management application component (AV:N, PR:L) matches exploitation of public-facing or remotely accessible services.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-65473Shared CWE-73
CVE-2025-10134Shared CWE-73
CVE-2026-40370Shared CWE-73
CVE-2025-64712Shared CWE-73
CVE-2024-12267Shared CWE-73
CVE-2025-9048Shared CWE-73
CVE-2025-66254Shared CWE-73
CVE-2026-26360Shared CWE-73
CVE-2025-10058Shared CWE-73
CVE-2026-5809Shared CWE-73

Affected Assets

Hitachi
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mandates identification, reporting, and timely remediation of software flaws like this RCE vulnerability through application of Hitachi's specified patches.

prevent

Monitors and controls communications at system boundaries to block unauthorized remote network access to vulnerable JP1 Desktop Management services, countering AV:N/AC:L.

prevent

Enforces least privilege to minimize the scope and impact of remote code execution even when low-privilege (PR:L) access is exploited.

References