CVE-2025-2514

Name: CVE-2025-2514
Creator: NVD / NIST
Published: 2026-05-07T09:16:26.183+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 5.3/10EPSS 0.30%

Last modified Jun 17, 2026

CVE-2025-2514 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. Improper restriction of excessive authentication attempts vulnerability in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28. This issue affects Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28 : before DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00, before DKCMAIN Ver 93-07-26-xx/00, GUM Ver. EPSS estimates a 0.30% chance of exploitation in the next 30 days.

Description

Improper restriction of excessive authentication attempts vulnerability in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28. This issue affects Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28 : before DKCMAIN Ver 88-08-16-xx/00, GUM Ver. 88-08-20/00, before DKCMAIN Ver 93-07-26-xx/00, GUM Ver. 93-07-26/00, before DKCMAIN Ver A3-04-02-xx/00, EMS Ver. A3-04-02/00, before DKCMAIN Ver A3-03-41-xx/00, EMS Ver. A3-03-41/00, before DKCMAIN Ver A3-03-03-xx/00, EMS Ver. A3-03-02/00.

Metrics

CVSS 3.1

5.3/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS Probability

0.30%

21.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-307

Affected Software

Vendor	Product	Versions
Hitachi	Vsp E1090h Firmware	All versions
Hitachi	Vsp E790h Firmware	All versions
Hitachi	Vsp E590h Firmware	All versions
Hitachi	Vsp E390h Firmware	All versions
Hitachi	Vsp E1090 Firmware	All versions
Hitachi	Vsp E990 Firmware	All versions
Hitachi	Vsp E790 Firmware	All versions
Hitachi	Vsp E590 Firmware	All versions
Hitachi	Vsp E390 Firmware	All versions
Hitachi	Vsp F900 Firmware	All versions
Hitachi	Vsp F700 Firmware	All versions
Hitachi	Vsp F370 Firmware	All versions
Hitachi	Vsp F350 Firmware	All versions
Hitachi	Vsp G900 Firmware	All versions
Hitachi	Vsp G700 Firmware	All versions
Hitachi	Vsp G370 Firmware	All versions
Hitachi	Vsp G350 Firmware	All versions
Hitachi	Vsp G150 Firmware	All versions
Hitachi	Vsp G130 Firmware	All versions
Hitachi	Virtual Storage One Block	23
Hitachi	Virtual Storage One Block	24
Hitachi	Virtual Storage One Block	26
Hitachi	Virtual Storage One Block	28

References

https://www.hitachi.com/products/it/storage-solutions/sec_info/2026/2026_306.htmlVendor Advisory

Timeline

Published: May 7, 2026
Last Modified: Jun 17, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2025-2514?

How severe is CVE-2025-2514?

CVE-2025-2514 has a CVSS score of 5.3/10 (MEDIUM severity). The EPSS model estimates a 0.30% probability of exploitation in the next 30 days.

How do I fix CVE-2025-2514?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-2514?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST