Platform
windows
Component
jp1-it-desktop-management-2
Fixed in
13.50.02
13.00.05
13.01.07
13.10.07
13.11.04
13.50.02
CVE-2025-65115 describes a Remote Code Execution (RCE) vulnerability discovered in JP1/IT Desktop Management 2 - Manager and related components. This flaw allows an attacker to execute arbitrary code on affected systems, potentially leading to complete system compromise. The vulnerability impacts versions prior to 13-50-02 running on Windows. A fix is available in version 13-50-02.
Successful exploitation of CVE-2025-65115 allows an attacker to execute arbitrary code with the privileges of the affected process. This could enable attackers to install malware, steal sensitive data, modify system configurations, or establish persistent access to the compromised system. Given the desktop management nature of the product, a successful attack could potentially impact a large number of endpoints within an organization. The blast radius extends to any data managed or accessed through the JP1/IT Desktop Management 2 system, including user credentials, software deployment packages, and configuration settings. Lateral movement within the network is also a significant concern, as an attacker could leverage the compromised system to gain access to other resources.
The vulnerability's public disclosure date is 2026-04-07. Currently, there is no indication of active exploitation campaigns targeting CVE-2025-65115. The vulnerability has been added to the CISA KEV catalog, indicating a potential risk. Public proof-of-concept (POC) code is not currently available, but the RCE nature of the vulnerability makes it a likely target for exploitation in the future.
Exploit Status
EPSS
0.08% (24% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-65115 is to upgrade to version 13-50-02 or later. If immediate upgrading is not feasible, consider implementing network segmentation to limit the potential impact of a successful exploit. Restrict access to the JP1/IT Desktop Management 2 - Manager service to only authorized users and systems. Monitor network traffic for suspicious activity related to the product, particularly attempts to exploit known vulnerabilities. While a WAF or proxy may not directly prevent the RCE, it can be configured to block known malicious payloads or patterns associated with exploitation attempts. After upgrading, confirm the fix by attempting to reproduce the vulnerability using known exploit techniques and verifying that the attempts are unsuccessful.
Update to version 13.50.02 or later to mitigate the remote code execution vulnerability. See the Hitachi page for more details and the fixed versions for the other affected products: https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2026-118/index.html
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2025-65115 is a Remote Code Execution vulnerability affecting JP1/IT Desktop Management 2 versions before 13-50-02 on Windows, allowing attackers to execute code. It has a HIGH severity rating (CVSS: 8.8).
You are affected if you are running JP1/IT Desktop Management 2 on Windows versions prior to 13-50-02. Check your version and upgrade if necessary.
Upgrade to version 13-50-02 or later to resolve the vulnerability. If immediate upgrade is not possible, implement network segmentation and restrict access.
Currently, there is no confirmed active exploitation of CVE-2025-65115, but its RCE nature makes it a potential target.
Refer to the official JP1 security advisory for details and updates regarding CVE-2025-65115.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.