Security information for Hitachi Disk Array Systems

Security Information ID

Hitachi-sec-2020-315

Vulnerability description

ADV200012            | October 2020 Adobe Flash Security Update
CVE-2020-0764      | Windows Storage Services Elevation of Privilege Vulnerability
CVE-2020-1167      | Microsoft Graphics Components Remote Code Execution Vulnerability
CVE-2020-16876    | Windows Application Compatibility Client Library Elevation of Privilege Vulnerability
CVE-2020-16885    | Windows Storage VSP Driver Elevation of Privilege Vulnerability
CVE-2020-16887    | Windows Network Connections Service Elevation of Privilege Vulnerability
CVE-2020-16889    | Windows Kernel Stream Information Disclosure Vulnerability
CVE-2020-16890    | Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-16892    | Windows Image Elevation of Privilege Vulnerability
CVE-2020-16895    | Windows Error Reporting Manager Elevation of Privilege Vulnerability
CVE-2020-16896    | Windows Remote Desktop Protocol(RDP) Information Disclosure Vulnerability
CVE-2020-16897    | Net BT Information Disclosure Vulnerability
CVE-2020-16898    | Windows TCP/IP Remote Code Execution Vulnerability
CVE-2020-16899    | Windows TCP/IP Denial of Service Vulnerability
CVE-2020-16900    | Windows Event System Elevation of Privilege Vulnerability
CVE-2020-16902    | Windows Installer Elevation of Privilege Vulnerability
CVE-2020-16905    | Windows Error Reporting Elevation of Privilege Vulnerability
CVE-2020-16907    | Win32k Elevation of Privilege Vulnerability
CVE-2020-16909    | Windows Error Reporting Elevation of Privilege Vulnerability
CVE-2020-16910    | Windows Security Feature Bypass Vulnerability
CVE-2020-16911    | GDI+ Remote Code Execution Vulnerability
CVE-2020-16912    | Windows Backup Service Elevation of Privilege Vulnerability
CVE-2020-16913    | Win32k Elevation of Privilege Vulnerability
CVE-2020-16914    | Windows GDI+ Information Disclosure Vulnerability
CVE-2020-16915    | Media Foundation Memory Corruption Vulnerability
CVE-2020-16916    | Windows COM Server Elevation of Privilege Vulnerability
CVE-2020-16919    | Windows Enterprise App Management Service Information Disclosure Vulnerability
CVE-2020-16920    | Windows Application Compatibility Client Library Elevation of Privilege Vulnerability
CVE-2020-16921    | Windows Text Services Framework Information Disclosure Vulnerability
CVE-2020-16922    | Windows Spoofing Vulnerability
CVE-2020-16923    | Microsoft Graphics Components Remote Code Execution Vulnerability
CVE-2020-16924    | Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-16927    | Windows Remote Desktop Protocol RDP) Denial of Service Vulnerability
CVE-2020-16935    | Windows COM Server Elevation of Privilege Vulnerability
CVE-2020-16936    | Windows Backup Service Elevation of Privilege Vulnerability
CVE-2020-16937    | .NET Framework Information Disclosure Vulnerability
CVE-2020-16939    | Group Policy Elevation of Privilege Vulnerability
CVE-2020-16940    | Windows - User Profile Service Elevation of Privilege Vulnerability
CVE-2020-16967    | Windows Camera Codec Pack Remote Code Execution Vulnerability
CVE-2020-16968    | Windows Camera Codec Pack Remote Code Execution Vulnerability
CVE-2020-16972    | Windows Backup Service Elevation of Privilege Vulnerability
CVE-2020-16973    | Windows Backup Service Elevation of Privilege Vulnerability
CVE-2020-16974    | Windows Backup Service Elevation of Privilege Vulnerability
CVE-2020-16975    | Windows Backup Service Elevation of Privilege Vulnerability
CVE-2020-16976    | Windows Backup Service Elevation of Privilege Vulnerability

Affected products

The following table shows the affected products.

The following products are not affected by the vulnerabilities:

• Hitachi Virtual Storage Platform E990
• Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900
• Hitachi Virtual Storage Platform F350, F370, F700, F900
• Hitachi Virtual Storage Platform G100, G200, G400, G600, G800
• Hitachi Virtual Storage Platform F400, F600, F800
• Hitachi Virtual Storage Platform N400, N600, N800
• Hitachi Universal Storage Platform V
• Hitachi Universal Storage Platform VM
• Hitachi Unified Storage 100
• Hitachi Adaptable Modular Storage
• Hitachi Workgroup Modular Storage
• Hitachi Simple Modular Storage
• Hitachi Virtual Storage Platform
• Hitachi Virtual Storage Platform VP9500

• page top

Action to be taken

Software update.

Please contact your authorized service representative for details on any corrective actions such as software updates and the schedule for their release.

• page top

References

Please refer to the Security Update Guide (Microsoft) about the vulnerabilities.

• https://portal.msrc.microsoft.com/en-US/security-guidance

• page top

Revision history

• November 9, 2020: This security information page is published.