Description
Buffer Overflow Vulnerability in JP1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management 2 - Operations Director on Windows, Job Management Partner 1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management - Manager on Windows, Job Management Partner 1/IT Desktop Management - Manager on Windows, JP1/NETM/DM Manager on Windows, JP1/NETM/DM Client on Windows, Job Management Partner 1/Software Distribution Manager on Windows, Job Management Partner 1/Software Distribution Client on Windows.This issue affects JP1/IT Desktop Management 2 - Manager: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; JP1/IT Desktop Management 2 - Operations Director: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; Job Management Partner 1/IT Desktop Management 2 - Manager: from 10-50 through 10-50-11; JP1/IT Desktop Management - Manager: from 09-50 through 10-10-16; Job Management Partner 1/IT Desktop Management - Manager: from 09-50 through 10-10-16; JP1/NETM/DM Manager: from 09-00 through 10-20-02; JP1/NETM/DM Client: from 09-00 through 10-20-02; Job Management Partner 1/Software Distribution Manager: from 09-00 through 09-51-13; Job Management Partner 1/Software Distribution Client: from 09-00 through 09-51-13.
Published: 2026-04-07
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Potential for memory corruption leading to code execution or denial of service
Action: Apply Patch
AI Analysis

Impact

Buffer overflow vulnerability resides in the Windows versions of JP1/IT Desktop Management 2 Manager and Operations Director, as well as related JP1/NETM/DM Manager and Client components. This flaw allows an attacker, given suitable input, to exceed expected buffer limits, potentially leading to memory corruption. The impact of such corruption could include arbitrary code execution or denial of service, though the exact consequences depend on the exploited context. The weakness is classified as a buffer overflow (CWE‑763).

Affected Systems

Affected systems encompass several Hitachi product families: JP1/IT Desktop Management 2 Manager and Operations Director, JP1/IT Desktop Management (legacy) Manager, Job Management Partner 1/IT Desktop Management 2 Manager, Job Management Partner 1/IT Desktop Management Manager, JP1/NETM/DM Manager and Client, and Job Management Partner 1 Software Distribution Manager and Client. The issue affects Windows versions prior to the specified patch levels: for JP1/IT Desktop Management 2 Manager, versions 13‑50, 13‑11, 13‑10, 13‑01, 13‑00, 12‑60, and all releases 10‑50 through 12‑50‑11; for JP1/IT Desktop Management 2 Operations Director, the same set of pre‑patch releases; for Job Management Partner 1/IT Desktop Management 2 Manager, releases 10‑50 through 10‑50‑11; for JP1/IT Desktop Management Manager and Job Management Partner 1/IT Desktop Management Manager, releases 09‑50 through 10‑10‑16; for JP1/NETM/DM components, releases 09‑00 through 10‑20‑02; and for Job Management Partner 1 Software Distribution components, releases 09‑00 through 09‑51‑13.

Risk and Exploitability

The CVSS score of 5.5 indicates a medium severity impact. EPSS information is not provided, and the vulnerability is not listed in the KEV catalog, suggesting no widespread exploitation has been reported. Based on the description, the likely attack vector is local misuse of privileged input to the affected Windows services, though remote exploitation cannot be ruled out. An attacker who successfully triggers the overflow could cause program crashes or potentially gain code execution, depending on the environment and privilege level.

Generated by OpenCVE AI on April 7, 2026 at 09:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Verify if any security release or patch is available from Hitachi for the affected JP1/IT Desktop Management or JP1/NETM/DM products and apply it immediately.
  • If no patch exists, upgrade the software to a later, non‑vulnerable version that is not listed among the affected releases above.
  • Restrict access to the vulnerable components by limiting authentication and network exposure, or disable them if not required.
  • Monitor system logs for abnormal activity that might indicate an attempted exploitation of buffer overflow conditions.

Generated by OpenCVE AI on April 7, 2026 at 09:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 07 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 07 Apr 2026 07:15:00 +0000

Type Values Removed Values Added
Description Buffer Overflow Vulnerability in JP1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management 2 - Operations Director on Windows, Job Management Partner 1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management - Manager on Windows, Job Management Partner 1/IT Desktop Management - Manager on Windows, JP1/NETM/DM Manager on Windows, JP1/NETM/DM Client on Windows, Job Management Partner 1/Software Distribution Manager on Windows, Job Management Partner 1/Software Distribution Client on Windows.This issue affects JP1/IT Desktop Management 2 - Manager: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; JP1/IT Desktop Management 2 - Operations Director: from 13-50 before 13-50-02, from 13-11 before 13-11-04, from 13-10 before 13-10-07, from 13-01 before 13-01-07, from 13-00 before 13-00-05, from 12-60 before 12-60-12, from 10-50 through 12-50-11; Job Management Partner 1/IT Desktop Management 2 - Manager: from 10-50 through 10-50-11; JP1/IT Desktop Management - Manager: from 09-50 through 10-10-16; Job Management Partner 1/IT Desktop Management - Manager: from 09-50 through 10-10-16; JP1/NETM/DM Manager: from 09-00 through 10-20-02; JP1/NETM/DM Client: from 09-00 through 10-20-02; Job Management Partner 1/Software Distribution Manager: from 09-00 through 09-51-13; Job Management Partner 1/Software Distribution Client: from 09-00 through 09-51-13.
Title Buffer Overflow Vulnerability in JP1/IT Desktop Management 2 and JP1/NETM/DM
Weaknesses CWE-763
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: Hitachi

Published:

Updated: 2026-04-07T13:25:56.036Z

Reserved: 2025-11-18T01:27:41.899Z

Link: CVE-2025-65116

cve-icon Vulnrichment

Updated: 2026-04-07T13:25:52.930Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-07T06:16:41.073

Modified: 2026-04-07T13:20:11.643

Link: CVE-2025-65116

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-08T19:50:04Z

Weaknesses