April 27, 2020
Hitachi, Ltd. IT Platform Products Management Division
Hitachi Disk Array Systems have the following vulnerability.
Hitachi-sec-2020-307
CVE-2020-0687 | Microsoft Graphics Remote Code Execution Vulnerability
CVE-2020-0699 | Win32k Information Disclosure Vulnerability
CVE-2020-0784 | DirectX Elevation of Privilege Vulnerability
CVE-2020-0794 | Windows Denial of Service Vulnerability
CVE-2020-0821 | Windows Kernel Information Disclosure Vulnerability
CVE-2020-0888 | DirectX Elevation of Privilege Vulnerability
CVE-2020-0889 | Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-0895 | Windows VBScript Engine Remote Code Execution Vulnerability
CVE-2020-0907 | Microsoft Graphics Components Remote Code Execution Vulnerability
CVE-2020-0910 | Windows Hyper-V Remote Code Execution Vulnerability
CVE-2020-0913 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-0917 | Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2020-0918 | Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2020-0934 | Windows Elevation of Privilege Vulnerability
CVE-2020-0936 | Windows Scheduled Task Elevation of Privilege Vulnerability
CVE-2020-0937 | Media Foundation Information Disclosure Vulnerability
CVE-2020-0938 | Adobe Font Manager Library Remote Code Execution Vulnerability
CVE-2020-0940 | Windows Push Notification Service Elevation of Privilege Vulnerability
CVE-2020-0942 | Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability
CVE-2020-0944 | Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability
CVE-2020-0945 | Media Foundation Information Disclosure Vulnerability
CVE-2020-0946 | Media Foundation Information Disclosure Vulnerability
CVE-2020-0948 | Media Foundation Memory Corruption Vulnerability
CVE-2020-0949 | Media Foundation Memory Corruption Vulnerability
CVE-2020-0950 | Media Foundation Memory Corruption Vulnerability
CVE-2020-0952 | Windows GDI Information Disclosure Vulnerability
CVE-2020-0953 | Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-0955 | Windows Kernel Information Disclosure in CPU Memory Access
CVE-2020-0956 | Win32k Elevation of Privilege Vulnerability
CVE-2020-0958 | Win32k Elevation of Privilege Vulnerability
CVE-2020-0959 | Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-0960 | Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-0962 | Win32k Information Disclosure Vulnerability
CVE-2020-0964 | GDI+ Remote Code Execution Vulnerability
CVE-2020-0965 | Microsoft Windows Codecs Library Remote Code Execution Vulnerability
CVE-2020-0966 | VBScript Remote Code Execution Vulnerability
CVE-2020-0967 | VBScript Remote Code Execution Vulnerability
CVE-2020-0968 | Scripting Engine Memory Corruption Vulnerability
CVE-2020-0969 | Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2020-0970 | Scripting Engine Memory Corruption Vulnerability
CVE-2020-0982 | Microsoft Graphics Component Information Disclosure Vulnerability
CVE-2020-0983 | Windows Elevation of Privilege Vulnerability
CVE-2020-0985 | Windows Update Stack Elevation of Privilege Vulnerability
CVE-2020-0987 | Microsoft Graphics Component Information Disclosure Vulnerability
CVE-2020-0988 | Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-0992 | Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-0993 | Windows DNS Denial of Service Vulnerability
CVE-2020-0994 | Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-0995 | Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-0996 | Windows Update Stack Elevation of Privilege Vulnerability
CVE-2020-0999 | Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-1000 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-1001 | Windows Push Notification Service Elevation of Privilege Vulnerability
CVE-2020-1003 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-1004 | Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2020-1005 | Microsoft Graphics Component Information Disclosure Vulnerability
CVE-2020-1006 | Windows Push Notification Service Elevation of Privilege Vulnerability
CVE-2020-1007 | Windows Kernel Information Disclosure Vulnerability
CVE-2020-1008 | Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-1009 | Windows Elevation of Privilege Vulnerability
CVE-2020-1011 | Windows Elevation of Privilege Vulnerability
CVE-2020-1014 | Microsoft Windows Update Client Elevation of Privilege Vulnerability
CVE-2020-1015 | Windows Elevation of Privilege Vulnerability
CVE-2020-1016 | Windows Push Notification Service Information Disclosure Vulnerability
CVE-2020-1017 | Windows Push Notification Service Elevation of Privilege Vulnerability
CVE-2020-1020 | Adobe Font Manager Library Remote Code Execution Vulnerability
CVE-2020-1027 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-1029 | Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability
CVE-2020-1094 | Windows Work Folder Service Elevation of Privilege Vulnerability
The following table shows the affected products.
Product Name |
Hitachi Unified Storage VM (HUS VM) |
---|---|
Vulnerability ID |
CVE-2020-0687, CVE-2020-0784, CVE-2020-0821, CVE-2020-0889, CVE-2020-0895, CVE-2020-0907, CVE-2020-0936, CVE-2020-0937, CVE-2020-0938, CVE-2020-0945, CVE-2020-0946, CVE-2020-0948, CVE-2020-0949, CVE-2020-0950, CVE-2020-0952, CVE-2020-0953, CVE-2020-0955, CVE-2020-0956, CVE-2020-0958, CVE-2020-0959, CVE-2020-0960, CVE-2020-0962, CVE-2020-0964, CVE-2020-0965, CVE-2020-0966, CVE-2020-0967, CVE-2020-0968, CVE-2020-0969, CVE-2020-0982, CVE-2020-0983, CVE-2020-0985, CVE-2020-0987, CVE-2020-0988, CVE-2020-0992, CVE-2020-0993, CVE-2020-0994, CVE-2020-0995, CVE-2020-0999, CVE-2020-1003, CVE-2020-1004, CVE-2020-1005, CVE-2020-1007, CVE-2020-1008, CVE-2020-1009, CVE-2020-1011, CVE-2020-1014, CVE-2020-1015, CVE-2020-1016, CVE-2020-1020, CVE-2020-1027, CVE-2020-1094 |
Product Name |
Hitachi Virtual Storage Platform 5100, 5500 Hitachi Virtual Storage Platform 5100H, 5500H |
---|---|
Vulnerability ID |
CVE-2020-0687, CVE-2020-0699, CVE-2020-0784, CVE-2020-0794, CVE-2020-0821, CVE-2020-0888, CVE-2020-0889, CVE-2020-0895, CVE-2020-0907, CVE-2020-0910, CVE-2020-0913, CVE-2020-0917, CVE-2020-0918, CVE-2020-0934, CVE-2020-0936, CVE-2020-0937, CVE-2020-0938, CVE-2020-0940, CVE-2020-0942, CVE-2020-0944, CVE-2020-0945, CVE-2020-0946, CVE-2020-0948, CVE-2020-0949, CVE-2020-0950, CVE-2020-0952, CVE-2020-0953, CVE-2020-0955, CVE-2020-0956, CVE-2020-0958, CVE-2020-0959, CVE-2020-0960, CVE-2020-0962, CVE-2020-0964, CVE-2020-0965, CVE-2020-0966, CVE-2020-0967, CVE-2020-0968, CVE-2020-0969, CVE-2020-0970, CVE-2020-0982, CVE-2020-0983, CVE-2020-0985, CVE-2020-0987, CVE-2020-0988, CVE-2020-0992, CVE-2020-0993, CVE-2020-0994, CVE-2020-0995, CVE-2020-0996, CVE-2020-0999, CVE-2020-1000, CVE-2020-1001, CVE-2020-1003, CVE-2020-1004, CVE-2020-1005, CVE-2020-1006, CVE-2020-1007, CVE-2020-1008, CVE-2020-1009, CVE-2020-1011, CVE-2020-1014, CVE-2020-1015, CVE-2020-1016, CVE-2020-1017, CVE-2020-1020, CVE-2020-1027, CVE-2020-1029, CVE-2020-1094 |
Product Name |
Hitachi Virtual Storage Platform G1000, G1500 Hitachi Virtual Storage Platform F1500 Hitachi Virtual Storage Platform VX7 |
---|---|
Vulnerability ID |
CVE-2020-0687, CVE-2020-0784, CVE-2020-0821, CVE-2020-0889, CVE-2020-0895, CVE-2020-0907, CVE-2020-0936, CVE-2020-0937, CVE-2020-0938, CVE-2020-0945, CVE-2020-0946, CVE-2020-0948, CVE-2020-0949, CVE-2020-0950, CVE-2020-0952, CVE-2020-0953, CVE-2020-0955, CVE-2020-0956, CVE-2020-0958, CVE-2020-0959, CVE-2020-0960, CVE-2020-0962, CVE-2020-0964, CVE-2020-0965, CVE-2020-0966, CVE-2020-0967, CVE-2020-0968, CVE-2020-0969, CVE-2020-0982, CVE-2020-0983, CVE-2020-0985, CVE-2020-0987, CVE-2020-0988, CVE-2020-0992, CVE-2020-0993, CVE-2020-0994, CVE-2020-0995, CVE-2020-0999, CVE-2020-1003, CVE-2020-1004, CVE-2020-1005, CVE-2020-1007, CVE-2020-1008, CVE-2020-1009, CVE-2020-1011, CVE-2020-1014, CVE-2020-1015, CVE-2020-1016, CVE-2020-1020, CVE-2020-1027, CVE-2020-1094 |
The following products are not affected by the vulnerabilities:
Please refer to the Security Update Guide (Microsoft) about the vulnerabilities.