April 28, 2021
Hitachi, Ltd. IT Platform Products Management Division
Hitachi Disk Array Systems have the following vulnerability.
Hitachi-sec-2021-303
CVE-2021-1640 | Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-1729 | Windows Update Stack Setup Elevation of Privilege Vulnerability
CVE-2021-24095 | DirectX Elevation of Privilege Vulnerability
CVE-2021-24107 | Windows Event Tracing Information Disclosure Vulnerability
CVE-2021-26411 | Internet Explorer Memory Corruption Vulnerability
CVE-2021-26860 | Windows App-V Overlay Filter Elevation of Privilege Vulnerability
CVE-2021-26861 | Windows Graphics Component Remote Code Execution Vulnerability
CVE-2021-26862 | Windows Installer Elevation of Privilege Vulnerability
CVE-2021-26863 | Windows Win32k Elevation of Privilege Vulnerability
CVE-2021-26864 | Windows Virtual Registry Provider Elevation of Privilege Vulnerability
CVE-2021-26865 | Windows Container Execution Agent Elevation of Privilege Vulnerability
CVE-2021-26866 | Windows Update Service Elevation of Privilege Vulnerability
CVE-2021-26868 | Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2021-26869 | Windows ActiveX Installer Service Information Disclosure Vulnerability
CVE-2021-26870 | Windows Projected File System Elevation of Privilege Vulnerability
CVE-2021-26871 | Windows Wallet Service Elevation of Privilege Vulnerability
CVE-2021-26872 | Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-26873 | Windows User Profile Service Elevation of Privilege Vulnerability
CVE-2021-26874 | Windows Overlay Filter Elevation of Privilege Vulnerability
CVE-2021-26875 | Windows Win32k Elevation of Privilege Vulnerability
CVE-2021-26876 | OpenType Font Parsing Remote Code Execution Vulnerability
CVE-2021-26878 | Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-26879 | Windows NAT Denial of Service Vulnerability
CVE-2021-26880 | Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2021-26881 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability
CVE-2021-26882 | Remote Access API Elevation of Privilege Vulnerability
CVE-2021-26884 | Windows Media Photo Codec Information Disclosure Vulnerability
CVE-2021-26885 | Windows Wallet Service Elevation of Privilege Vulnerability
CVE-2021-26886 | User Profile Service Denial of Service Vulnerability
CVE-2021-26889 | Windows Update Stack Elevation of Privilege Vulnerability
CVE-2021-26890 | Application Virtualization Remote Code Execution Vulnerability
CVE-2021-26891 | Windows Container Execution Agent Elevation of Privilege Vulnerability
CVE-2021-26892 | Windows Extensible Firmware Interface Security Feature Bypass Vulnerability
CVE-2021-26898 | Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-26899 | Windows UPnP Device Host Elevation of Privilege Vulnerability
CVE-2021-26901 | Windows Event Tracing Elevation of Privilege Vulnerability
CVE-2021-27077 | Windows Win32k Elevation of Privilege Vulnerability
CVE-2021-27085 | Internet Explorer Remote Code Execution Vulnerability
The following table shows the affected products.
| Product Name |
Hitachi Unified Storage VM (HUS VM) |
|---|---|
| Vulnerability ID |
CVE-2021-1640, CVE-2021-24107, CVE-2021-26411, CVE-2021-26861, CVE-2021-26862, CVE-2021-26866, CVE-2021-26868, CVE-2021-26869, CVE-2021-26871, CVE-2021-26872, CVE-2021-26873, CVE-2021-26875, CVE-2021-26878, CVE-2021-26879, CVE-2021-26881, CVE-2021-26882, CVE-2021-26884, CVE-2021-26885, CVE-2021-26886, CVE-2021-26898, CVE-2021-26899, CVE-2021-26901, CVE-2021-27077 |
| Product Name |
Hitachi Virtual Storage Platform 5100, 5500 Hitachi Virtual Storage Platform 5100H, 5500H |
|---|---|
| Vulnerability ID |
CVE-2021-1640, CVE-2021-1729, CVE-2021-24095, CVE-2021-24107, CVE-2021-26411, CVE-2021-26860, CVE-2021-26861, CVE-2021-26862, CVE-2021-26863, CVE-2021-26864, CVE-2021-26865, CVE-2021-26866, CVE-2021-26868, CVE-2021-26869, CVE-2021-26870, CVE-2021-26871, CVE-2021-26872, CVE-2021-26873, CVE-2021-26874, CVE-2021-26875, CVE-2021-26876, CVE-2021-26878, CVE-2021-26879, CVE-2021-26880, CVE-2021-26881, CVE-2021-26882, CVE-2021-26884, CVE-2021-26885, CVE-2021-26886, CVE-2021-26889, CVE-2021-26890, CVE-2021-26891, CVE-2021-26892, CVE-2021-26898, CVE-2021-26899, CVE-2021-26901, CVE-2021-27077, CVE-2021-27085 |
| Product Name |
Hitachi Virtual Storage Platform G1000, G1500 Hitachi Virtual Storage Platform F1500 Hitachi Virtual Storage Platform VX7 |
|---|---|
| Vulnerability ID |
CVE-2021-1640, CVE-2021-24107, CVE-2021-26411, CVE-2021-26861, CVE-2021-26862, CVE-2021-26866, CVE-2021-26868, CVE-2021-26869, CVE-2021-26871, CVE-2021-26872, CVE-2021-26873, CVE-2021-26875, CVE-2021-26878, CVE-2021-26879, CVE-2021-26881, CVE-2021-26882, CVE-2021-26884, CVE-2021-26885, CVE-2021-26886, CVE-2021-26898, CVE-2021-26899, CVE-2021-26901, CVE-2021-27077 |
The following products are not affected by the vulnerabilities:
Please refer to the Security Update Guide (Microsoft) about the vulnerabilities.
