Platform: windows
Component: jp1-it-desktop-management-2
Fixed in: 13.00.05, 13.01.07, 13.10.07, 13.11.04, 13.50.02
CVE-2025-65116 identifies a buffer overflow vulnerability within JP1/IT Desktop Management 2 - Manager and related components on Windows systems. Successful exploitation could lead to a denial-of-service condition or, in a worst-case scenario, allow an attacker to execute arbitrary code. This vulnerability affects versions from 10.0 through 13-50-02. A patch is available in version 13-50-02.
The buffer overflow vulnerability in JP1/IT Desktop Management 2 presents a significant risk. An attacker could craft malicious input that overwrites adjacent memory regions, potentially leading to a denial-of-service (DoS) by crashing the application or the entire system. More seriously, if the overflow occurs in a location that can be controlled by the attacker, it could be leveraged to inject and execute arbitrary code. This could grant the attacker unauthorized access to sensitive data, escalate privileges, or compromise the entire network. While specific exploitation details are currently unknown, the potential for remote code execution makes this a high-priority vulnerability to address.
CVE-2025-65116 was published on 2026-04-07. As of this date, there are no publicly available proof-of-concept exploits. The vulnerability is not currently listed in the CISA KEV catalog. The CVSS score of 5.5 (MEDIUM) indicates moderate severity, and the lack of public exploits suggests that active campaigns are not currently underway.
Exploit Status
EPSS: 0.01% (3% percentile)
The primary mitigation for CVE-2025-65116 is to upgrade to version 13-50-02 of JP1/IT Desktop Management 2. Prior to upgrading, it is recommended to create a full system backup to facilitate rollback if issues arise. If an immediate upgrade is not feasible, consider implementing network segmentation to limit the potential blast radius of a successful attack. Monitor network traffic for unusual activity related to JP1/IT Desktop Management 2. While no specific WAF rules or detection signatures are publicly available, generic buffer overflow detection rules may provide some level of protection.
Update to version 13.50.02 or later to mitigate the buffer overflow vulnerability. See the Hitachi page for more details and the necessary updates for the other affected products: https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2026-118/index.html
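To act on the upgrade guidance above, the following added example (not code from this page or from Hitachi) triages an inventory of installed versions against the "Fixed in" list. It assumes each listed fixed build is the first patched build of its own release branch, and the host names and versions in `SAMPLE_INVENTORY` are constructed.

```python
import re

# "Fixed in" builds listed on this page. ASSUMPTION: each one is the first
# patched build of the release branch named by its first two fields.
FIXED_IN = ["13.00.05", "13.01.07", "13.10.07", "13.11.04", "13.50.02"]
FIRST_AFFECTED = (10, 0)  # page: affected from 10.0

def parse_version(text):
    """Parse '13-50-02' or '13.50.02' into a 3-tuple of ints."""
    parts = re.split(r"[.-]", text.strip())
    if not 2 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (3 - len(nums)))

FIXED_BY_BRANCH = {parse_version(v)[:2]: parse_version(v) for v in FIXED_IN}
LATEST_FIX = max(FIXED_BY_BRANCH.values())

def triage(version_text):
    """Return 'not-affected', 'patched', 'vulnerable' or 'unknown'."""
    try:
        v = parse_version(version_text)
    except ValueError:
        return "unknown"       # never treat unparseable data as safe
    if v[:2] < FIRST_AFFECTED:
        return "not-affected"  # below the affected range stated on the page
    if v >= LATEST_FIX:
        return "patched"       # page: 13.50.02 or later
    fix = FIXED_BY_BRANCH.get(v[:2])
    if fix is not None and v >= fix:
        return "patched"       # at or above this branch's fixed build
    return "vulnerable"        # includes branches with no listed fix

def hosts_needing_upgrade(inventory):
    """Hosts whose version is vulnerable or could not be determined."""
    return sorted(h for h, ver in inventory.items()
                  if triage(ver) in ("vulnerable", "unknown"))

# Constructed sample inventory: host name -> reported manager version.
SAMPLE_INVENTORY = {
    "mgr-01": "13-50-01", "mgr-02": "13.50.02", "mgr-03": "13-01-07",
    "mgr-04": "13-10-06", "mgr-05": "12-60", "mgr-06": "n/a",
}

if __name__ == "__main__":
    for host, ver in sorted(SAMPLE_INVENTORY.items()):
        print(f"{host}\t{ver}\t{triage(ver)}")
```

Hosts reported as `unknown` are grouped with vulnerable ones so that a missing or malformed version string prompts a manual check instead of being skipped.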
CVE-2025-65116 is a medium-severity buffer overflow vulnerability affecting JP1/IT Desktop Management 2 versions 10.0–13-50-02 for Windows. It could lead to DoS or code execution.
You are affected if you are using JP1/IT Desktop Management 2 on Windows in versions 10.0 through 13-50-02. Upgrade to version 13-50-02 to mitigate the risk.
Upgrade to version 13-50-02. Back up your system before upgrading to allow for rollback if necessary.
As of the publication date, there are no publicly available exploits or confirmed reports of active exploitation.
Refer to the official JP1 website or contact their support channels for the advisory related to CVE-2025-65116.