CVE-2025-65115— Remote Code Execution Vulnerability in JP1/IT Desktop Management 2 and JP1/NETM/DM
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-65115
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Remote Code Execution Vulnerability in JP1/IT Desktop Management 2 and JP1/NETM/DM
Source: NVD (National Vulnerability Database)
Vulnerability Description
Remote Code Execution Vulnerability in JP1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management 2 - Operations Director on Windows, Job Management Partner 1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management - Manager on Windows, Job Management Partner 1/IT Desktop Management - Manager on Windows, JP1/NETM/DM Manager on Windows, JP1/NETM/DM Client on Windows, Job Management Partner 1/Software Distribution Manager on Windows, Job Management Partner 1/Software Distribution Client on Windows.This issue affects JP1/IT Desktop Management 2 - Manager: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; JP1/IT Desktop Management 2 - Operations Director: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; Job Management Partner 1/IT Desktop Management 2 - Manager: from 10-50 through 10-50-11; JP1/IT Desktop Management - Manager: from 09-50 through 10-10-16; Job Management Partner 1/IT Desktop Management - Manager: from 09-50 through 10-10-16; JP1/NETM/DM Manager: from 09-00 through 10-20-02; JP1/NETM/DM Client: from 09-00 through 10-20-02; Job Management Partner 1/Software Distribution Manager: from 09-00 through 09-51-13; Job Management Partner 1/Software Distribution Client: from 09-00 through 09-51-13.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
文件名或路径的外部可控制
Source: NVD (National Vulnerability Database)
Vulnerability Title
Hitachi Job Management Partner 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Hitachi Job Management Partner是日本日立制作所(Hitachi)公司的一系列作业调度与运维管理软件。 Hitachi Job Management Partner存在安全漏洞,该漏洞源于远程代码执行。以下版本受到影响:JP1/IT Desktop Management 2 - Manager 13-50-02之前版本、13-11-04之前版本、13-10-07之前版本、13-01-07之前版本、13-00-05之前版本、12-60-12之前版本、10-50至12-50-11版
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Hitachi | JP1/IT Desktop Management 2 - Manager | 13-50 ~ 13-50-02 | - | |
| Hitachi | JP1/IT Desktop Management 2 - Operations Director | 13-50 ~ 13-50-02 | - | |
| Hitachi | Job Management Partner 1/IT Desktop Management 2 - Manager | 10-50 ~ 10-50-11 | - | |
| Hitachi | JP1/IT Desktop Management - Manager | 09-50 ~ 10-10-16 | - | |
| Hitachi | Job Management Partner 1/IT Desktop Management - Manager | 09-50 ~ 10-10-16 | - | |
| Hitachi | JP1/NETM/DM Manager | 09-00 ~ 10-20-02 | - | |
| Hitachi | JP1/NETM/DM Client | 09-00 ~ 10-20-02 | - | |
| Hitachi | Job Management Partner 1/Software Distribution Manager | 09-00 ~ 09-51-13 | - | |
| Hitachi | Job Management Partner 1/Software Distribution Client | 09-00 ~ 09-51-13 | - |
II. Public POCs for CVE-2025-65115
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-65115
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same vendor: Hitachi
- CVE-2025-1978
Remote Code Execution Vulnerability in Hitachi Storage Navig - CVE-2025-2514
Improper Restriction of Excessive Authentication Attempts vu - CVE-2025-9661
OS command injection vulneravility in the management gui (ma - CVE-2025-65116
Buffer Overflow Vulnerability in JP1/IT Desktop Management 2 - CVE-2026-2072
Cross-Site Scripting vulnerability in Hitachi Infrastructure
Same weakness: CWE-73
- CVE-2026-41693
i18next-fs-backend: Path traversal via unsanitised lng/ns al - CVE-2026-44127
Local File Inclusion (LFI) and Arbitrary File Deletion - CVE-2026-7633
Totolink N300RH cstecgi.cgi setUploadSetting file inclusion - CVE-2026-42424
OpenClaw < 2026.4.8 - Local File Exfiltration via Shared Rep - CVE-2026-41177
Squidex has Blind SSRF via file:// Protocol in Restore API l
V. Comments for CVE-2025-65115
No comments yet