CVE-2025-0824: Lack of validation for firmware update in Hitachi Hitachi Virtual Storage Platform One Block 23, 24, 26, 28. This issue affects Hitachi Virtual Storage Platform One Block 23, 24,
Lack of validation for firmware update in Hitachi Hitachi Virtual Storage Platform One Block 23, 24, 26, 28.
This issue affects Hitachi Virtual Storage Platform One Block 23, 24, 26, 28: before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00.
Details
Original advisory: https://nvd.nist.gov/vuln/detail/CVE-2025-0824
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2025-08240.08% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 0% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2025-0824 | coverage & exploitation status | NVD · CVE.org |
Recent advisories for Lack of validation
A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.
- highCVE-2026-57246: When dealing with abnormally constructed objects, there is a lack of argument validation; Java…nvd · 2026-07-08
- highCVE-2026-57242: The application opens the PDF, and JavaScript modifies the form. However, the related objects …nvd · 2026-07-08
- unknownCVE-2026-53730: DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the /de2api…nvd · 2026-07-07
- mediumCVE-2026-48949: Lack of validation leads to an XSS vulnerability in the MFA management views.nvd · 2026-07-07
- highGHSA-wrq8-fcv5-8hvp: Coder: Route hijacking through lack of validation of agent-supplied AllowedIPs in tailnet…ghsa · 2026-07-06
- criticalCVE-2026-24013: Authentication Bypass by Spoofing vulnerability in Apache IoTDB. Certain Thrift RPC query hand…nvd · 2026-07-06
More from NVD Recent CVEs
- mediumCVE-2026-15485: A flaw has been found in TRENDnet TEW-821DAP 1.11B03. The impacted element is the function sub…2026-07-12
- highCVE-2026-15484: A vulnerability was detected in TRENDnet TEW-821DAP 1.12B01. The affected element is the funct…2026-07-12
- highCVE-2026-15483: A security vulnerability has been detected in TRENDnet TEW-821DAP 1.12B01. Impacted is the fun…2026-07-12
- highCVE-2026-15482: A weakness has been identified in Aster Telecom Azcall 10/11. This issue affects some unknown …2026-07-12
- highCVE-2026-15481: A security flaw has been discovered in Trendnet TEW-635BRM up to 1.00.03. This vulnerability a…2026-07-12