CVE-2025-27524— Weak encryption vulnerability in JP1/IT Desktop Management 2 - Smart Device Manager
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-27524
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Weak encryption vulnerability in JP1/IT Desktop Management 2 - Smart Device Manager
Source: NVD (National Vulnerability Database)
Vulnerability Description
Weak encryption vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows.This issue affects JP1/IT Desktop Management 2 - Smart Device Manager: from 12-00 before 12-00-08, from 11-10 through 11-10-08, from 11-00 through 11-00-05, from 10-50 through 10-50-06.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
不充分的加密强度
Source: NVD (National Vulnerability Database)
Vulnerability Title
Hitachi JP1/IT Desktop Management 2 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Hitachi JP1/IT Desktop Management 2是日本日立制作所(Hitachi)公司的自动收集各种类型的信息,让您可以在一处进行管理。 Hitachi JP1/IT Desktop Management 2 12-00至12-00-08之前版本、11-10至11-10-08版本、11-00至11-00-05版本和10-50至10-50-06版本存在安全漏洞,该漏洞源于加密强度不足。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Hitachi | JP1/IT Desktop Management 2 - Smart Device Manager | 12-00 ~ 12-00-08 | - |
II. Public POCs for CVE-2025-27524
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-27524
请登录查看更多情报信息。
Same Patch Batch · Hitachi · 2025-05-15 · 3 CVEs total
| CVE-2025-27523 | 8.7 HIGH | XXE vulnerability in JP1/IT Desktop Management 2 - Smart Device Manager |
| CVE-2025-27525 | 3.9 LOW | Information Exposure vulnerability in JP1/IT Desktop Management 2 - Smart Device Manager |
IV. Related Vulnerabilities
Same vendor: Hitachi
- CVE-2025-1978
Remote Code Execution Vulnerability in Hitachi Storage Navig - CVE-2025-2514
Improper Restriction of Excessive Authentication Attempts vu - CVE-2025-9661
OS command injection vulneravility in the management gui (ma - CVE-2025-65116
Buffer Overflow Vulnerability in JP1/IT Desktop Management 2 - CVE-2025-65115
Remote Code Execution Vulnerability in JP1/IT Desktop Manage
Same weakness: CWE-326
- CVE-2018-25272
ELBA5 5.8.0 Remote Code Execution via Database Access - CVE-2025-1241
Encryption vulnerable to brute-force decryption in GoAnywher - CVE-2026-5363
Use of weak cryptographic key in TP-Link Archer C7 - CVE-2026-39349
OrangeHRM Uses AES-ECB for Sensitive Data Encryption Enables - CVE-2026-33488
AVideo has a PGP 2FA Bypass via Cryptographically Broken 512
V. Comments for CVE-2025-27524
No comments yet