Skip to main content

Hitachi
Contact UsContact Us

July 9, 2026
Hitachi, Ltd.

Hitachi Disk Array Systems have the following vulnerability.

Security Information ID

hitachi-sec-2026-313

Vulnerability description

CVE-2025-54518
AMD: CVE-2025-54518 CPU OP Cache Corruption
CVE-2026-21530
Windows Rich Text Edit Elevation of Privilege Vulnerability
CVE-2026-32161
Windows Native WiFi Miniport Driver Remote Code Execution Vulnerability
CVE-2026-32170
Windows Rich Text Edit Elevation of Privilege Vulnerability
CVE-2026-32177
.NET Elevation of Privilege Vulnerability
CVE-2026-32209
Windows Filtering Platform (WFP) Security Feature Bypass Vulnerability
CVE-2026-33834
Windows Event Logging Service Elevation of Privilege Vulnerability
CVE-2026-33835
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2026-33837
Windows TCP/IP Local Elevation of Privilege Vulnerability
CVE-2026-33838
Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability
CVE-2026-33839
Win32k Elevation of Privilege Vulnerability
CVE-2026-33841
Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-34329
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2026-34330
Win32k Elevation of Privilege Vulnerability
CVE-2026-34331
Win32k Elevation of Privilege Vulnerability
CVE-2026-34333
Windows Win32k Elevation of Privilege Vulnerability
CVE-2026-34334
Windows TCP/IP Elevation of Privilege Vulnerability
CVE-2026-34336
Windows DWM Core Library Information Disclosure Vulnerability
CVE-2026-34337
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2026-34338
Windows Telephony Service Elevation of Privilege Vulnerability
CVE-2026-34339
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
CVE-2026-34340
Windows Projected File System Elevation of Privilege Vulnerability
CVE-2026-34341
Windows Link-Layer Discovery Protocol (LLDP) Elevation of Privilege Vulnerability
CVE-2026-34342
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2026-34343
Windows Application Identity (AppID) Subsystem Elevation of Privilege Vulnerability
CVE-2026-34344
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-34345
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-34347
Windows Win32k Elevation of Privilege Vulnerability
CVE-2026-34351
Windows TCP/IP Elevation of Privilege Vulnerability
CVE-2026-35415
Windows Storage Spaces Controller Elevation of Privilege Vulnerability
CVE-2026-35416
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-35417
Windows Win32k Elevation of Privilege Vulnerability
CVE-2026-35418
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2026-35421
Windows GDI Remote Code Execution Vulnerability
CVE-2026-35422
Windows TCP/IP Driver Security Feature Bypass Vulnerability
CVE-2026-35423
Windows 11 Telnet Client Information Disclosure Vulnerability
CVE-2026-35424
Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability
CVE-2026-40377
Microsoft Cryptographic Services Elevation of Privilege Vulnerability
CVE-2026-40380
Windows Volume Manager Extension Driver Remote Code Execution Vulnerability
CVE-2026-40382
Windows Telephony Service Elevation of Privilege Vulnerability
CVE-2026-40397
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2026-40398
Windows Remote Desktop Services Elevation of Privilege Vulnerability
CVE-2026-40399
Windows TCP/IP Elevation of Privilege Vulnerability
CVE-2026-40401
Windows TCP/IP Denial of Service Vulnerability
CVE-2026-40403
Windows Graphics Component Remote Code Execution Vulnerability
CVE-2026-40406
Windows TCP/IP Information Disclosure Vulnerability
CVE-2026-40407
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2026-40408
Windows WAN ARP Driver Elevation of Privilege Vulnerability
CVE-2026-40410
Windows SMB Client Elevation of Privilege Vulnerability
CVE-2026-40413
Windows TCP/IP Denial of Service Vulnerability
CVE-2026-40414
Windows TCP/IP Denial of Service Vulnerability
CVE-2026-40415
Windows TCP/IP Remote Code Execution Vulnerability
CVE-2026-41088
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-41097
Secure Boot Security Feature Bypass Vulnerability
CVE-2026-42825
Windows Telephony Service Elevation of Privilege Vulnerability

Affected products

The following table shows the affected products.

Product
Name
Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H
Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H
Vulnerability
ID

[Windows 10 for x64-based Systems (Version1809)]

CVE-2025-54518, CVE-2026-21530, CVE-2026-32161, CVE-2026-32170,
CVE-2026-32177, CVE-2026-32209, CVE-2026-33834, CVE-2026-33835,
CVE-2026-33837, CVE-2026-33838, CVE-2026-33839, CVE-2026-34329,
CVE-2026-34330, CVE-2026-34331, CVE-2026-34333, CVE-2026-34334,
CVE-2026-34336, CVE-2026-34337, CVE-2026-34338, CVE-2026-34339,
CVE-2026-34340, CVE-2026-34341, CVE-2026-34342, CVE-2026-34343,
CVE-2026-34344, CVE-2026-34345, CVE-2026-34347, CVE-2026-34351,
CVE-2026-35415, CVE-2026-35416, CVE-2026-35417, CVE-2026-35418,
CVE-2026-35421, CVE-2026-35422, CVE-2026-35423, CVE-2026-35424,
CVE-2026-40377, CVE-2026-40380, CVE-2026-40382, CVE-2026-40397,
CVE-2026-40398, CVE-2026-40399, CVE-2026-40401, CVE-2026-40403,
CVE-2026-40406, CVE-2026-40407, CVE-2026-40408, CVE-2026-40410,
CVE-2026-40413, CVE-2026-40414, CVE-2026-40415, CVE-2026-41097,
CVE-2026-42825

[Windows 10 for x64-based Systems (Version21H2)]

CVE-2025-54518, CVE-2026-21530, CVE-2026-32161, CVE-2026-32170,
CVE-2026-32177, CVE-2026-32209, CVE-2026-33834, CVE-2026-33835,
CVE-2026-33837, CVE-2026-33838, CVE-2026-33839, CVE-2026-33841,
CVE-2026-34329, CVE-2026-34330, CVE-2026-34331, CVE-2026-34333,
CVE-2026-34334, CVE-2026-34336, CVE-2026-34337, CVE-2026-34338,
CVE-2026-34339, CVE-2026-34340, CVE-2026-34341, CVE-2026-34342,
CVE-2026-34343, CVE-2026-34344, CVE-2026-34345, CVE-2026-34347,
CVE-2026-34351, CVE-2026-35415, CVE-2026-35416, CVE-2026-35417,
CVE-2026-35418, CVE-2026-35421, CVE-2026-35422, CVE-2026-35423,
CVE-2026-35424, CVE-2026-40377, CVE-2026-40380, CVE-2026-40382,
CVE-2026-40397, CVE-2026-40398, CVE-2026-40399, CVE-2026-40401,
CVE-2026-40403, CVE-2026-40406, CVE-2026-40407, CVE-2026-40408,
CVE-2026-40410, CVE-2026-40413, CVE-2026-40414, CVE-2026-40415,
CVE-2026-41088, CVE-2026-41097, CVE-2026-42825

The following products are not affected by the vulnerabilities:

  • Hitachi Virtual Storage Platform E590, E790, E990, E1090, E590H, E790H, E1090H
  • Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900
  • Hitachi Virtual Storage Platform F350, F370, F700, F900
  • Hitachi Virtual Storage Platform G100, G200, G400, G600, G800
  • Hitachi Virtual Storage Platform F400, F600, F800
  • Hitachi Virtual Storage Platform N400, N600, N800

Action to be taken

Software update.
Please contact your authorized service representative for details on any corrective actions such as software updates and the schedule for their release.

References

Please refer to the Security Update Guide (Microsoft) about the vulnerabilities.

Revision history

  • July 9, 2026: This security information page is published.
  • Hitachi, Ltd. (hereinafter referred to as "Hitachi") tries to provide accurate information about security countermeasures. However, since information about security problems constantly changes, the contents of these Web pages are subject to change without prior notice. When referencing information, please confirm that you are referencing the latest information.
  • The Web pages include information about products that are developed by non-Hitachi software developers. Vulnerability information about those products is based on the information provided or disclosed by those developers. Although Hitachi is careful about the accuracy and completeness of this information, the contents of the Web pages may change depending on the changes made by the developers.
  • The Web pages are intended to provide vulnerability information only, and Hitachi shall not have any legal responsibility for the information contained in them. Hitachi shall not be liable for any consequences arising out of or in connection with the security countermeasures or other actions that you will take or have taken (or not taken) by yourself.
  • The links to other web sites are valid at the time of the release of the page. Although Hitachi makes an effort to maintain the links, Hitachi cannot guarantee their permanent availability.