August 6, 2020
Hitachi, Ltd. IT Platform Products Management Division
Hitachi Disk Array Systems have the following vulnerability.
Hitachi-sec-2020-312
CVE-2020-1085 | Windows Function Discovery Service Elevation of Privilege Vulnerability
CVE-2020-1147 | .NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability
CVE-2020-1249 | Windows Runtime Elevation of Privilege Vulnerability
CVE-2020-1267 | Local Security Authority Subsystem Service Denial of Service Vulnerability
CVE-2020-1330 | Windows Mobile Device Management Diagnostics Information Disclosure Vulnerability
CVE-2020-1333 | Group Policy Services Policy Processing Elevation of Privilege Vulnerability
CVE-2020-1336 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-1344 | Windows Wallet Service Elevation of Privilege Vulnerability
CVE-2020-1346 | Windows Modules Installer Elevation of Privilege Vulnerability
CVE-2020-1347 | Windows Storage Services Elevation of Privilege Vulnerability
CVE-2020-1351 | Microsoft Graphics Component Information Disclosure Vulnerability
CVE-2020-1352 | Windows USO Core Worker Elevation of Privilege Vulnerability
CVE-2020-1353 | Windows Runtime Elevation of Privilege Vulnerability
CVE-2020-1354 | Windows UPnP Device Host Elevation of Privilege Vulnerability
CVE-2020-1357 | Windows System Events Broker Elevation of Privilege Vulnerability
CVE-2020-1358 | Windows Resource Policy Information Disclosure Vulnerability
CVE-2020-1359 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
CVE-2020-1360 | Windows Profile Service Elevation of Privilege Vulnerability
CVE-2020-1361 | Windows Wallet Service Information Disclosure Vulnerability
CVE-2020-1362 | Windows Wallet Service Elevation of Privilege Vulnerability
CVE-2020-1363 | Windows Picker Platform Elevation of Privilege Vulnerability
CVE-2020-1364 | Windows Wallet Service Denial of Service Vulnerability
CVE-2020-1365 | Windows Event Logging Service Elevation of Privilege Vulnerability
CVE-2020-1366 | Windows Print Workflow Service Elevation of Privilege Vulnerability
CVE-2020-1367 | Windows Kernel Information Disclosure Vulnerability
CVE-2020-1368 | Windows Credential Enrollment Manager Service Elevation of Privilege Vulnerability
CVE-2020-1369 | Windows Wallet Service Elevation of Privilege Vulnerability
CVE-2020-1370 | Windows Runtime Elevation of Privilege Vulnerability
CVE-2020-1371 | Windows Event Logging Service Elevation of Privilege Vulnerability
CVE-2020-1372 | Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability
CVE-2020-1373 | Windows Network Connections Service Elevation of Privilege Vulnerability
CVE-2020-1374 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2020-1375 | Windows COM Server Elevation of Privilege Vulnerability
CVE-2020-1384 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
CVE-2020-1385 | Windows Credential Picker Elevation of Privilege Vulnerability
CVE-2020-1386 | Connected User Experiences and Telemetry Service Information Disclosure Vulnerability
CVE-2020-1387 | Windows Push Notification Service Elevation of Privilege Vulnerability
CVE-2020-1388 | Windows Elevation of Privilege Vulnerability
CVE-2020-1389 | Windows Kernel Information Disclosure Vulnerability
CVE-2020-1390 | Windows Network Connections Service Elevation of Privilege Vulnerability
CVE-2020-1392 | Windows Elevation of Privilege Vulnerability
CVE-2020-1393 | Windows Diagnostics Hub Elevation of Privilege Vulnerability
CVE-2020-1394 | Windows Elevation of Privilege Vulnerability
CVE-2020-1395 | Windows Elevation of Privilege Vulnerability
CVE-2020-1396 | Windows ALPC Elevation of Privilege Vulnerability
CVE-2020-1397 | Windows Imaging Component Information Disclosure Vulnerability
CVE-2020-1398 | Windows Lockscreen Elevation of Privilege Vulnerability
CVE-2020-1399 | Windows Runtime Elevation of Privilege Vulnerability
CVE-2020-1400 | Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-1401 | Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-1402 | Windows ActiveX Installer Service Elevation of Privilege Vulnerability
CVE-2020-1403 | VBScript Remote Code Execution Vulnerability
CVE-2020-1404 | Windows Runtime Elevation of Privilege Vulnerability
CVE-2020-1405 | Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability
CVE-2020-1406 | Windows Network List Service Elevation of Privilege Vulnerability
CVE-2020-1407 | Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-1408 | Microsoft Graphics Remote Code Execution Vulnerability
CVE-2020-1409 | Direct Write Remote Code Execution Vulnerability
CVE-2020-1410 | Windows Address Book Remote Code Execution Vulnerability
CVE-2020-1411 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-1412 | Microsoft Graphics Components Remote Code Execution Vulnerability
CVE-2020-1413 | Windows Runtime Elevation of Privilege Vulnerability
CVE-2020-1414 | Windows Runtime Elevation of Privilege Vulnerability
CVE-2020-1415 | Windows Runtime Elevation of Privilege Vulnerability
CVE-2020-1418 | Windows Diagnostics Hub Elevation of Privilege Vulnerability
CVE-2020-1419 | Windows Kernel Information Disclosure Vulnerability
CVE-2020-1420 | Windows Error Reporting Information Disclosure Vulnerability
CVE-2020-1421 | LNK Remote Code Execution Vulnerability
CVE-2020-1422 | Windows Runtime Elevation of Privilege Vulnerability
CVE-2020-1424 | Windows Update Stack Elevation of Privilege Vulnerability
CVE-2020-1426 | Windows Kernel Information Disclosure Vulnerability
CVE-2020-1427 | Windows Network Connections Service Elevation of Privilege Vulnerability
CVE-2020-1428 | Windows Network Connections Service Elevation of Privilege Vulnerability
CVE-2020-1429 | Windows Error Reporting Manager Elevation of Privilege Vulnerability
CVE-2020-1430 | Windows UPnP Device Host Elevation of Privilege Vulnerability
CVE-2020-1431 | Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
CVE-2020-1432 | Skype for Business via Internet Explorer Information Disclosure Vulnerability
CVE-2020-1433 | Microsoft Edge PDF Information Disclosure Vulnerability
CVE-2020-1434 | Windows Sync Host Service Elevation of Privilege Vulnerability
CVE-2020-1435 | GDI+ Remote Code Execution Vulnerability
CVE-2020-1436 | Windows Font Library Remote Code Execution Vulnerability
CVE-2020-1437 | Windows Network Location Awareness Service Elevation of Privilege Vulnerability
CVE-2020-1438 | Windows Network Connections Service Elevation of Privilege Vulnerability
CVE-2020-1461 | Microsoft Defender Elevation of Privilege Vulnerability
CVE-2020-1463 | Windows Shared Stream Library Elevation of Privilege Vulnerability
CVE-2020-1468 | Windows GDI Information Disclosure Vulnerability
The following table shows the affected products.
Product Name |
Hitachi Unified Storage VM (HUS VM) |
---|---|
Vulnerability ID |
CVE-2020-1085, CVE-2020-1147, CVE-2020-1249, CVE-2020-1267, CVE-2020-1333, CVE-2020-1344, CVE-2020-1346, CVE-2020-1351, CVE-2020-1352, CVE-2020-1353, CVE-2020-1354, CVE-2020-1358, CVE-2020-1359, CVE-2020-1360, CVE-2020-1361, CVE-2020-1362, CVE-2020-1364, CVE-2020-1365, CVE-2020-1368, CVE-2020-1369, CVE-2020-1370, CVE-2020-1371, CVE-2020-1373, CVE-2020-1374, CVE-2020-1384, CVE-2020-1385, CVE-2020-1389, CVE-2020-1390, CVE-2020-1393, CVE-2020-1396, CVE-2020-1397, CVE-2020-1398, CVE-2020-1399, CVE-2020-1400, CVE-2020-1401, CVE-2020-1402, CVE-2020-1403, CVE-2020-1404, CVE-2020-1406, CVE-2020-1407, CVE-2020-1408, CVE-2020-1409, CVE-2020-1410, CVE-2020-1411, CVE-2020-1412, CVE-2020-1413, CVE-2020-1419, CVE-2020-1420, CVE-2020-1421, CVE-2020-1427, CVE-2020-1428, CVE-2020-1429, CVE-2020-1430, CVE-2020-1432, CVE-2020-1433, CVE-2020-1434, CVE-2020-1435, CVE-2020-1436, CVE-2020-1437, CVE-2020-1438, CVE-2020-1461, CVE-2020-1468 |
Product Name |
Hitachi Virtual Storage Platform 5100, 5500 Hitachi Virtual Storage Platform 5100H, 5500H |
---|---|
Vulnerability ID |
CVE-2020-1085, CVE-2020-1147, CVE-2020-1249, CVE-2020-1267, CVE-2020-1330, CVE-2020-1333, CVE-2020-1336, CVE-2020-1344, CVE-2020-1346, CVE-2020-1347, CVE-2020-1351, CVE-2020-1352, CVE-2020-1353, CVE-2020-1354, CVE-2020-1357, CVE-2020-1358, CVE-2020-1359, CVE-2020-1360, CVE-2020-1361, CVE-2020-1362, CVE-2020-1363, CVE-2020-1364, CVE-2020-1365, CVE-2020-1366, CVE-2020-1367, CVE-2020-1368, CVE-2020-1369, CVE-2020-1370, CVE-2020-1371, CVE-2020-1372, CVE-2020-1373, CVE-2020-1374, CVE-2020-1375, CVE-2020-1384, CVE-2020-1385, CVE-2020-1386, CVE-2020-1387, CVE-2020-1388, CVE-2020-1389, CVE-2020-1390, CVE-2020-1392, CVE-2020-1393, CVE-2020-1394, CVE-2020-1395, CVE-2020-1396, CVE-2020-1397, CVE-2020-1398, CVE-2020-1399, CVE-2020-1400, CVE-2020-1401, CVE-2020-1402, CVE-2020-1403, CVE-2020-1404, CVE-2020-1405, CVE-2020-1406, CVE-2020-1407, CVE-2020-1408, CVE-2020-1409, CVE-2020-1410, CVE-2020-1411, CVE-2020-1412, CVE-2020-1413, CVE-2020-1414, CVE-2020-1415, CVE-2020-1418, CVE-2020-1419, CVE-2020-1420, CVE-2020-1421, CVE-2020-1422, CVE-2020-1424, CVE-2020-1426, CVE-2020-1427, CVE-2020-1428, CVE-2020-1429, CVE-2020-1430, CVE-2020-1431, CVE-2020-1432, CVE-2020-1433, CVE-2020-1434, CVE-2020-1435, CVE-2020-1436, CVE-2020-1437, CVE-2020-1438, CVE-2020-1461, CVE-2020-1463, CVE-2020-1468 |
Product Name |
Hitachi Virtual Storage Platform G1000, G1500 Hitachi Virtual Storage Platform F1500 Hitachi Virtual Storage Platform VX7 |
---|---|
Vulnerability ID |
CVE-2020-1085, CVE-2020-1147, CVE-2020-1249, CVE-2020-1267, CVE-2020-1333, CVE-2020-1344, CVE-2020-1346, CVE-2020-1351, CVE-2020-1352, CVE-2020-1353, CVE-2020-1354, CVE-2020-1358, CVE-2020-1359, CVE-2020-1360, CVE-2020-1361, CVE-2020-1362, CVE-2020-1364, CVE-2020-1365, CVE-2020-1368, CVE-2020-1369, CVE-2020-1370, CVE-2020-1371, CVE-2020-1373, CVE-2020-1374, CVE-2020-1384, CVE-2020-1385, CVE-2020-1389, CVE-2020-1390, CVE-2020-1393, CVE-2020-1396, CVE-2020-1397, CVE-2020-1398, CVE-2020-1399, CVE-2020-1400, CVE-2020-1401, CVE-2020-1402, CVE-2020-1403, CVE-2020-1404, CVE-2020-1406, CVE-2020-1407, CVE-2020-1408, CVE-2020-1409, CVE-2020-1410, CVE-2020-1411, CVE-2020-1412, CVE-2020-1413, CVE-2020-1419, CVE-2020-1420, CVE-2020-1421, CVE-2020-1427, CVE-2020-1428, CVE-2020-1429, CVE-2020-1430, CVE-2020-1432, CVE-2020-1433, CVE-2020-1434, CVE-2020-1435, CVE-2020-1436, CVE-2020-1437, CVE-2020-1438, CVE-2020-1461, CVE-2020-1468 |
The following products are not affected by the vulnerabilities:
Please refer to the Security Update Guide (Microsoft) about the vulnerabilities.