December 28, 2022
Hitachi, Ltd. IT Platform Products Management Division
Hitachi Disk Array Systems have the following vulnerability.
Hitachi-sec-2022-315
ADV220005 | Guidance on Microsoft Signed Drivers Being Used Maliciously
CVE-2022-41074 | Windows Graphics Component Information Disclosure Vulnerability
CVE-2022-41076 | PowerShell Remote Code Execution Vulnerability
CVE-2022-41077 | Windows Fax Compose Form Elevation of Privilege Vulnerability
CVE-2022-41089 | .NET Framework Remote Code Execution Vulnerability
CVE-2022-41094 | Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2022-41121 | Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2022-44666 | Windows Contacts Remote Code Execution Vulnerability
CVE-2022-44667 | Windows Media Remote Code Execution Vulnerability
CVE-2022-44668 | Windows Media Remote Code Execution Vulnerability
CVE-2022-44669 | Windows Error Reporting Elevation of Privilege Vulnerability
CVE-2022-44670 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-44671 | Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2022-44673 | Windows Client Server Run-Time Subsystem (CSRSS) Elevation of Privilege Vulnerability
CVE-2022-44674 | Windows Bluetooth Driver Information Disclosure Vulnerability
CVE-2022-44675 | Windows Bluetooth Driver Elevation of Privilege Vulnerability
CVE-2022-44676 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-44677 | Windows Projected File System Elevation of Privilege Vulnerability
CVE-2022-44678 | Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-44679 | Windows Graphics Component Information Disclosure Vulnerability
CVE-2022-44680 | Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2022-44681 | Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-44682 | Windows Hyper-V Denial of Service Vulnerability
CVE-2022-44683 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-44689 | Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
CVE-2022-44697 | Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2022-44698 | Windows SmartScreen Security Feature Bypass Vulnerability
CVE-2022-44707 | Windows Kernel Denial of Service Vulnerability
The following table shows the affected products.
| Product Name |
Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H |
|---|---|
| Vulnerability ID |
ADV220005, CVE-2022-41074, CVE-2022-41076, CVE-2022-41077, CVE-2022-41094, CVE-2022-41121, CVE-2022-44666, CVE-2022-44667, CVE-2022-44668, CVE-2022-44669, CVE-2022-44670, CVE-2022-44671, CVE-2022-44674, CVE-2022-44675, CVE-2022-44676, CVE-2022-44677, CVE-2022-44678, CVE-2022-44679, CVE-2022-44680, CVE-2022-44681, CVE-2022-44682, CVE-2022-44683, CVE-2022-44689, CVE-2022-44697, CVE-2022-44698, CVE-2022-44707, CVE-2022-41089 |
| Product Name |
Hitachi Virtual Storage Platform G1000, G1500 Hitachi Virtual Storage Platform F1500 Hitachi Virtual Storage Platform VX7 |
|---|---|
| Vulnerability ID |
ADV220005, CVE-2022-41074, CVE-2022-41076, CVE-2022-41077, CVE-2022-41089, CVE-2022-41094, CVE-2022-41121, CVE-2022-44666, CVE-2022-44667, CVE-2022-44668, CVE-2022-44670, CVE-2022-44675, CVE-2022-44676, CVE-2022-44678, CVE-2022-44679, CVE-2022-44680, CVE-2022-44681, CVE-2022-44682, CVE-2022-44683, CVE-2022-44697, CVE-2022-44707 |
The following products are not affected by the vulnerabilities:
Please refer to the Security Update Guide (Microsoft) about the vulnerabilities.
