PT-2021-18381 · Hitachi · Hitachi Jp1/It Desktop Management 2 Agent

Published

2021-10-12

Updated

2021-10-20

CVE-2021-29644

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Hitachi JP1/IT Desktop Management 2 Agent versions 9 through 12

Description The issue is a remote code execution vulnerability due to an Integer Overflow. An attacker with network access to port 31016 can exploit this to execute code with unrestricted privileges on the underlying OS.

Recommendations For versions 9 through 12, update to a version that fixes the Integer Overflow issue to prevent remote code execution. As a temporary workaround, consider restricting access to port 31016 to minimize the risk of exploitation.

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

CVE-2021-29644

Affected Products

Hitachi Jp1/It Desktop Management 2 Agent

PT-2021-18381 · Hitachi · Hitachi Jp1/It Desktop Management 2 Agent

CVE-2021-29644

Weakness Enumeration

Related Identifiers

Affected Products

References · 4