Security information for Hitachi Disk Array Systems

Security Information ID

Hitachi-sec-2021-314

Vulnerability description

CVE-2021-41333 | Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2021-43207 | Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-43215 | iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution
CVE-2021-43216 | Microsoft Local Security Authority Server (lsasrv) Information Disclosure Vulnerability
CVE-2021-43217 | Windows Encrypting File System (EFS) Remote Code Execution Vulnerability
CVE-2021-43219 | DirectX Graphics Kernel File Denial of Service Vulnerability
CVE-2021-43222 | Microsoft Message Queuing Information Disclosure Vulnerability
CVE-2021-43223 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2021-43224 | Windows Common Log File System Driver Information Disclosure Vulnerability
CVE-2021-43226 | Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2021-43227 | Storage Spaces Controller Information Disclosure Vulnerability
CVE-2021-43228 | Sym Crypt Denial of Service Vulnerability
CVE-2021-43229 | Windows NTFS Elevation of Privilege Vulnerability
CVE-2021-43230 | Windows NTFS Elevation of Privilege Vulnerability
CVE-2021-43231 | Windows NTFS Elevation of Privilege Vulnerability
CVE-2021-43232 | Windows Event Tracing Remote Code Execution Vulnerability
CVE-2021-43233 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2021-43234 | Windows Fax Service Remote Code Execution Vulnerability
CVE-2021-43235 | Storage Spaces Controller Information Disclosure Vulnerability
CVE-2021-43236 | Microsoft Message Queuing Information Disclosure Vulnerability
CVE-2021-43238 | Windows Remote Access Elevation of Privilege Vulnerability
CVE-2021-43244 | Windows Kernel Information Disclosure Vulnerability
CVE-2021-43246 | Windows Hyper-V Denial of Service Vulnerability
CVE-2021-43247 | Windows TCP/IP Driver Elevation of Privilege Vulnerability
CVE-2021-43248 | Windows Digital Media Receiver Elevation of Privilege Vulnerability
CVE-2021-43883 | Windows Installer Elevation of Privilege Vulnerability
CVE-2021-43893 | Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability

Affected products

The following table shows the affected products.

The following products are not affected by the vulnerabilities:

• Hitachi Virtual Storage Platform E590, E790, E990, E590H, E790H, E990
• Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900
• Hitachi Virtual Storage Platform F350, F370, F700, F900
• Hitachi Virtual Storage Platform G100, G200, G400, G600, G800
• Hitachi Virtual Storage Platform F400, F600, F800
• Hitachi Virtual Storage Platform N400, N600, N800
• Hitachi Universal Storage Platform V
• Hitachi Universal Storage Platform VM
• Hitachi Unified Storage 100
• Hitachi Adaptable Modular Storage
• Hitachi Workgroup Modular Storage
• Hitachi Simple Modular Storage
• Hitachi Virtual Storage Platform
• Hitachi Virtual Storage Platform VP9500

• page top

Action to be taken

Software update.

Please contact your authorized service representative for details on any corrective actions such as software updates and the schedule for their release.

• page top

References

Please refer to the Security Update Guide (Microsoft) about the vulnerabilities.

• https://portal.msrc.microsoft.com/en-US/security-guidance

• page top

Revision history

• January 7, 2022: This security information page is published.