CVE-2021-29644
moderate-risk
Published 2021-10-12
Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 contains a remote code execution vulnerability because of an Integer Overflow. An attacker with network access to port 31016 may exploit this issue to execute code with unrestricted privileges on the underlying OS.
Do I need to act?
~
2.6% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.1/10
High
NETWORK
/ HIGH complexity
Affected Products (14)
It Operations Director
Job Management Partner 1\/It Desktop Management-Manager
Job Management Partner 1\/It Desktop Management 2-Manager
Job Management Partner 1\/Remote Control Agent
Job Management Partner 1\/Software Distribution Client
Job Management Partner 1\/Software Distribution Manager
Jp1\/It Desktop Management-Manager
Jp1\/It Desktop Management 2-Manager
Jp1\/It Desktop Management 2-Operations Director
Jp1\/Netdm\/Dm Client
Jp1\/Netdm\/Dm Client-Remote Control Feature
Jp1\/Netdm\/Dm Manager
Jp1\/Netm\/Remote Control Agent
Jp1\/Remote Control Agent
Affected Vendors
References (2)
Vendor Advisory
https://www.hitachi.com/hirt/security/index.html
Vendor Advisory
https://www.hitachi.com/hirt/security/index.html
48
/ 100
moderate-risk
Severity
24/34 · High
Exploitability
6/34 · Minimal
Exposure
18/34 · Moderate