Key Information Vulnerability Overview Vulnerability ID: JVN#44266462 Description: ETERNUS SF contains an incorrect default permissions vulnerability. Affected Products Solaris 10/11 - AdvancedCopy Manager Standard Edition: 15.0 to 16.9.1 - Storage Cruiser: 15.0 to 16.9.1 RHEL 7/8/9 - AdvancedCopy Manager Standard Edition: 16.2 to 16.9.1 - Express: 16.2 to 16.9.1 - Storage Cruiser: 16.2 to 16.9.1 Windows Server 2016/2019/2022 - AdvancedCopy Manager Standard Edition: 16.4 to 16.9.1 - Express: 16.4 to 16.9.1 - Storage Cruiser: 16.4 to 16.9.1 Vulnerability Details CVE ID: CVE-2025-62577 CWE Type: CWE-276 (Incorrect Default Permissions) CVSS Score: - CVSS 3.0: 8.8 - CVSS 4.0: 8.4 Impact Low-privileged users may obtain database credentials and execute OS commands with administrative privileges. Solution Recommended Action: Apply patches Vendor Status Vendor: Fsas Technologies Inc. Status: Vulnerability exists Last Updated: 2025/10/20 Note: Visit Fsas Technologies Inc. website for more information References JPCERT/CC Addendum Vulnerability Analysis by JPCERT/CC Additional Information CVE: CVE-2025-62577 JVNDNB: JVNDNB-2025-000092