CVE-2025-27523

HIGH

Hitachi JP1/IT Desktop Management 2 - Smart Device Manager <12-00-0...

Title source: llm

Description

XXE vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows.This issue affects JP1/IT Desktop Management 2 - Smart Device Manager: from 12-00 before 12-00-08, from 11-10 through 11-10-08, from 11-00 through 11-00-05, from 10-50 through 10-50-06.

References (1)

[Various Sources] https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-115/index.html

Scores

CVSS v3 8.7

EPSS 0.0028

EPSS Percentile 51.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-611

Status published

Products (4)

Hitachi/JP1/IT Desktop Management 2 - Smart Device Manager 10-50 - 10-50-06

Hitachi/JP1/IT Desktop Management 2 - Smart Device Manager 11-00 - 11-00-05

Hitachi/JP1/IT Desktop Management 2 - Smart Device Manager 11-10 - 11-10-08

Hitachi/JP1/IT Desktop Management 2 - Smart Device Manager 12-00 - 12-00-08

Published May 15, 2025

Tracked Since Feb 18, 2026