[Japanese]

JVNDB-2026-018098

Security information for Hitachi Disk Array Systems

Overview

CVE-2026-0390 | UEFI Secure Boot Security Feature Bypass Vulnerability
CVE-2026-20806 | Windows COM Server Information Disclosure Vulnerability
CVE-2026-20928 | Windows Recovery Environment Security Feature Bypass Vulnerability
CVE-2026-20930 | Windows Management Services Elevation of Privilege Vulnerability
CVE-2026-23666 | .NET Framework Denial of Service Vulnerability
CVE-2026-23670 | Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability
CVE-2026-25250 | MITRE: CVE-2026-25250 Secure Boot disable Eazy Fix
CVE-2026-26151 | Remote Desktop Spoofing Vulnerability
CVE-2026-26152 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability
CVE-2026-26153 | Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability
CVE-2026-26155 | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
CVE-2026-26156 | Windows Hyper-V Remote Code Execution Vulnerability
CVE-2026-26159 | Remote Desktop Licensing Service Elevation of Privilege Vulnerability
CVE-2026-26160 | Remote Desktop Licensing Service Elevation of Privilege Vulnerability
CVE-2026-26161 | Windows Sensor Data Service Elevation of Privilege Vulnerability
CVE-2026-26162 | Windows OLE Elevation of Privilege Vulnerability
CVE-2026-26163 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-26167 | Windows Push Notifications Elevation of Privilege Vulnerability
CVE-2026-26168 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-26169 | Windows Kernel Memory Information Disclosure Vulnerability
CVE-2026-26170 | PowerShell Elevation of Privilege Vulnerability
CVE-2026-26172 | Windows Push Notifications Elevation of Privilege Vulnerability
CVE-2026-26173 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-26174 | Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability
CVE-2026-26175 | Windows Boot Manager Security Feature Bypass Vulnerability
CVE-2026-26176 | Windows Client Side Caching driver (csc.sys) Elevation of Privilege Vulnerability
CVE-2026-26177 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-26178 | Windows Advanced Rasterization Platform Elevation of Privilege Vulnerability
CVE-2026-26180 | Windows Kernel Elevation of Privilege Vulnerability
CVE-2026-26182 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-26184 | Windows Projected File System Elevation of Privilege Vulnerability
CVE-2026-27906 | Windows Hello Security Feature Bypass Vulnerability
CVE-2026-27908 | Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability
CVE-2026-27909 | Windows Search Service Elevation of Privilege Vulnerability
CVE-2026-27910 | Windows Installer Elevation of Privilege Vulnerability
CVE-2026-27911 | Windows User Interface Core Elevation of Privilege Vulnerability
CVE-2026-27914 | Microsoft Management Console Elevation of Privilege Vulnerability
CVE-2026-27915 | Windows UPnP Device Host Elevation of Privilege Vulnerability
CVE-2026-27916 | Windows UPnP Device Host Elevation of Privilege Vulnerability
CVE-2026-27917 | Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability
CVE-2026-27918 | Windows Shell Elevation of Privilege Vulnerability
CVE-2026-27919 | Windows UPnP Device Host Elevation of Privilege Vulnerability
CVE-2026-27920 | Windows UPnP Device Host Elevation of Privilege Vulnerability
CVE-2026-27921 | Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability
CVE-2026-27922 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-27923 | Desktop Window Manager Elevation of Privilege Vulnerability
CVE-2026-27924 | Desktop Window Manager Elevation of Privilege Vulnerability
CVE-2026-27925 | Windows UPnP Device Host Information Disclosure Vulnerability
CVE-2026-27926 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2026-27927 | Windows Projected File System Elevation of Privilege Vulnerability
CVE-2026-27929 | Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability
CVE-2026-27930 | Windows GDI Information Disclosure Vulnerability
CVE-2026-27931 | Windows GDI Information Disclosure Vulnerability
CVE-2026-32068 | Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability
CVE-2026-32069 | Windows Projected File System Elevation of Privilege Vulnerability
CVE-2026-32070 | Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2026-32071 | Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
CVE-2026-32072 | Active Directory Spoofing Vulnerability
CVE-2026-32073 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-32074 | Windows Projected File System Elevation of Privilege Vulnerability
CVE-2026-32075 | Windows UPnP Device Host Elevation of Privilege Vulnerability
CVE-2026-32077 | Windows UPnP Device Host Elevation of Privilege Vulnerability
CVE-2026-32078 | Windows Projected File System Elevation of Privilege Vulnerability
CVE-2026-32079 | Web Account Manager Information Disclosure Vulnerability
CVE-2026-32081 | Package Catalog Information Disclosure Vulnerability
CVE-2026-32082 | Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability
CVE-2026-32083 | Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability
CVE-2026-32084 | Windows Print Spooler Information Disclosure Vulnerability
CVE-2026-32085 | Remote Procedure Call Information Disclosure Vulnerability
CVE-2026-32086 | Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability
CVE-2026-32087 | Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability
CVE-2026-32088 | Windows Biometric Service Security Feature Bypass Vulnerability
CVE-2026-32089 | Windows Speech Brokered Api Elevation of Privilege Vulnerability
CVE-2026-32090 | Windows Speech Brokered Api Elevation of Privilege Vulnerability
CVE-2026-32091 | Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2026-32093 | Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability
CVE-2026-32149 | Windows Hyper-V Remote Code Execution Vulnerability
CVE-2026-32150 | Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability
CVE-2026-32151 | Windows Shell Information Disclosure Vulnerability
CVE-2026-32153 | Windows Speech Runtime Elevation of Privilege Vulnerability
CVE-2026-32154 | Desktop Window Manager Elevation of Privilege Vulnerability
CVE-2026-32155 | Desktop Window Manager Elevation of Privilege Vulnerability
CVE-2026-32156 | Windows UPnP Device Host Remote Code Execution Vulnerability
CVE-2026-32157 | Remote Desktop Client Remote Code Execution Vulnerability
CVE-2026-32158 | Windows Push Notifications Elevation of Privilege Vulnerability
CVE-2026-32159 | Windows Push Notifications Elevation of Privilege Vulnerability
CVE-2026-32160 | Windows Push Notifications Elevation of Privilege Vulnerability
CVE-2026-32162 | Windows COM Elevation of Privilege Vulnerability
CVE-2026-32163 | Windows User Interface Core Elevation of Privilege Vulnerability
CVE-2026-32164 | Windows User Interface Core Elevation of Privilege Vulnerability
CVE-2026-32165 | Windows User Interface Core Elevation of Privilege Vulnerability
CVE-2026-32181 | Connected User Experiences and Telemetry Service Denial of Service Vulnerability
CVE-2026-32183 | Windows Snipping Tool Remote Code Execution Vulnerability
CVE-2026-32202 | Windows Shell Spoofing Vulnerability
CVE-2026-32212 | Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability
CVE-2026-32214 | Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability
CVE-2026-32215 | Windows Kernel Information Disclosure Vulnerability
CVE-2026-32217 | Windows Kernel Information Disclosure Vulnerability
CVE-2026-32218 | Windows Kernel Information Disclosure Vulnerability
CVE-2026-32225 | Windows Shell Security Feature Bypass Vulnerability
CVE-2026-32226 | .NET Framework Denial of Service Vulnerability
CVE-2026-33098 | Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability
CVE-2026-33099 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-33100 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-33104 | Win32k Elevation of Privilege Vulnerability
CVE-2026-33116 | .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
CVE-2026-33824 | Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability
CVE-2026-33827 | Windows TCP/IP Remote Code Execution Vulnerability
CVE-2026-33829 | Windows Snipping Tool Spoofing Vulnerability
CVSS Severity (What is CVSS?)

Affected Products


Hitachi, Ltd
  • Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H [Windows 10 for x64-based Systems (Version1809)] (CVE-2026-0390, ...)
  • Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H [Windows 10 for x64-based Systems (Version21H2)] (CVE-2026-0390, ...)
  • Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H [Windows 10 for x64-based Systems (Version1809)] (CVE-2026-0390, ...)
  • Hitachi Virtual Storage Platform 5200, 5600, 5200H, 5600H [Windows 10 for x64-based Systems (Version21H2)] (CVE-2026-0390, ...)
  • Hitachi Virtual Storage Platform E390, E590, E790, E1090, E390H, E590H, E790H, E1090H [Windows 10 for x64-based Systems (Version1809)] (CVE-2026-0390, ...)
  • Hitachi Virtual Storage Platform E390, E590, E790, E1090, E390H, E590H, E790H, E1090H [Windows 10 for x64-based Systems (Version21H2)] (CVE-2026-0390, ...)

Please refer to Vendor Information for more details.
Impact

Regarding the impact of the vulnerability, please refer to the vendor advisory.
Solution

Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action.
Vendor Information

Hitachi, Ltd
CWE (What is CWE?)

CVE (What is CVE?)

  1. CVE-2026-0390
  2. CVE-2026-20806
  3. CVE-2026-20928
  4. CVE-2026-20930
  5. CVE-2026-23666
  6. CVE-2026-23670
  7. CVE-2026-25250
  8. CVE-2026-26151
  9. CVE-2026-26152
  10. CVE-2026-26153
  11. CVE-2026-26155
  12. CVE-2026-26156
  13. CVE-2026-26159
  14. CVE-2026-26160
  15. CVE-2026-26161
  16. CVE-2026-26162
  17. CVE-2026-26163
  18. CVE-2026-26167
  19. CVE-2026-26168
  20. CVE-2026-26169
  21. CVE-2026-26170
  22. CVE-2026-26172
  23. CVE-2026-26173
  24. CVE-2026-26174
  25. CVE-2026-26175
  26. CVE-2026-26176
  27. CVE-2026-26177
  28. CVE-2026-26178
  29. CVE-2026-26180
  30. CVE-2026-26182
  31. CVE-2026-26184
  32. CVE-2026-27906
  33. CVE-2026-27908
  34. CVE-2026-27909
  35. CVE-2026-27910
  36. CVE-2026-27911
  37. CVE-2026-27914
  38. CVE-2026-27915
  39. CVE-2026-27916
  40. CVE-2026-27917
  41. CVE-2026-27918
  42. CVE-2026-27919
  43. CVE-2026-27920
  44. CVE-2026-27921
  45. CVE-2026-27922
  46. CVE-2026-27923
  47. CVE-2026-27924
  48. CVE-2026-27925
  49. CVE-2026-27926
  50. CVE-2026-27927
  51. CVE-2026-27929
  52. CVE-2026-27930
  53. CVE-2026-27931
  54. CVE-2026-32068
  55. CVE-2026-32069
  56. CVE-2026-32070
  57. CVE-2026-32071
  58. CVE-2026-32072
  59. CVE-2026-32073
  60. CVE-2026-32074
  61. CVE-2026-32075
  62. CVE-2026-32077
  63. CVE-2026-32078
  64. CVE-2026-32079
  65. CVE-2026-32081
  66. CVE-2026-32082
  67. CVE-2026-32083
  68. CVE-2026-32084
  69. CVE-2026-32085
  70. CVE-2026-32086
  71. CVE-2026-32087
  72. CVE-2026-32088
  73. CVE-2026-32089
  74. CVE-2026-32090
  75. CVE-2026-32091
  76. CVE-2026-32093
  77. CVE-2026-32149
  78. CVE-2026-32150
  79. CVE-2026-32151
  80. CVE-2026-32153
  81. CVE-2026-32154
  82. CVE-2026-32155
  83. CVE-2026-32156
  84. CVE-2026-32157
  85. CVE-2026-32158
  86. CVE-2026-32159
  87. CVE-2026-32160
  88. CVE-2026-32162
  89. CVE-2026-32163
  90. CVE-2026-32164
  91. CVE-2026-32165
  92. CVE-2026-32181
  93. CVE-2026-32183
  94. CVE-2026-32202
  95. CVE-2026-32212
  96. CVE-2026-32214
  97. CVE-2026-32215
  98. CVE-2026-32217
  99. CVE-2026-32218
  100. CVE-2026-32225
  101. CVE-2026-32226
  102. CVE-2026-33098
  103. CVE-2026-33099
  104. CVE-2026-33100
  105. CVE-2026-33104
  106. CVE-2026-33116
  107. CVE-2026-33824
  108. CVE-2026-33827
  109. CVE-2026-33829
References

Revision History

  • [2026/06/04]
      Web page was published

Date Public2026/05/27
Date First Published2026/06/04
Date Last Updated2026/06/04