CVE-2025-7737
Received Received - Intake
Denial of Service in Hitachi Virtual Storage Platform

Publication date: 2026-06-19

Last updated on: 2026-06-19

Assigner: Hitachi, Ltd.

Description
DoS Vulnerability in 10G iSCSI Interface of Hitachi Virtual Storage Platform. This issue affects Hitachi Virtual Storage Platform E990, E1090, E1090H: before DKCMAIN Ver.93-07-21-80/00-05, CHB(iSCSI) Ver.88-01-02-04, before DKCMAIN Ver.93-07-01-80/00-07, CHB(iSCSI) Ver.88-01-02-04, before DKCMAIN Ver.93-06-82-80/00-06, CHB(iSCSI) Ver.88-01-02-04, before DKCMAIN Ver.93-06-63-80/00-04, CHB(iSCSI) Ver.88-01-02-04; Hitachi Virtual Storage Platform E390, E590, E790, E390H, E590H, E790H: before DKCMAIN Ver.93-07-21-x0/00-05, CHB(iSCSI) Ver.88-01-02-04, before DKCMAIN Ver.93-07-01-x0/00-07, CHB(iSCSI) Ver.88-01-02-04, before DKCMAIN Ver.93-06-82-x0/00-06, CHB(iSCSI) Ver.88-01-02-04, before DKCMAIN Ver.93-06-63-x0/00-04, CHB(iSCSI) Ver.88-01-02-04, before DKCMAIN Ver.93-07-24-x0/00-02, CHB(iSCSI) Ver.88-01-02-04, before DKCMAIN Ver.93-07-02-x0/00-02, CHB(iSCSI) Ver.88-01-02-04; Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900: before DKCMAIN Ver.88-08-10-x0/00-05, CHB(iSCSI) Ver.88-01-02-04; Hitachi Virtual Storage Platform G100, G200, G400, G600, G800, F400, F600, F800: before DKCMAIN Ver.83-06-20-x0/00-05, CHB(iSCSI) Ver.83-01-01-29; Hitachi Virtual Storage Platform VX8, 5100, 5500, 5100H, 5500H, 5200, 5600, 5200H, 5600H: before DKCMAIN Ver.90-09-01-00/01-01, CHB(iSCSI) Ver.90-01-01-07, before DKCMAIN Ver.90-08-83-00/01-01, CHB(iSCSI) Ver.90-01-01-07, before DKCMAIN Ver.90-08-63-00/01-01, CHB(iSCSI) Ver.90-01-01-07; Hitachi Virtual Storage Platform VX7, G1000, G1500, F1500: before DKCMAIN Ver.80-06-93-00/00-04, ISFC Ver.80-01-17.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-19
Last Modified
2026-06-19
Generated
2026-06-19
AI Q&A
2026-06-19
EPSS Evaluated
N/A
NVD
CVE-2025-7737
EUVD
EUVD-2025-210286
Affected Vendors & Products
Showing 6 associated CPEs
Vendor Product Version / Range
hitachi virtual_storage_platform to 93-07-21-80/00-05 (exc)
hitachi virtual_storage_platform to 93-07-21-x0/00-05 (exc)
hitachi virtual_storage_platform to 88-08-10-x0/00-05 (exc)
hitachi virtual_storage_platform to 83-06-20-x0/00-05 (exc)
hitachi virtual_storage_platform to 90-09-01-00/01-01 (exc)
hitachi virtual_storage_platform to 80-06-93-00/00-04 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-770 The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Mitigation Strategies

To mitigate this vulnerability, users should update the affected Hitachi Virtual Storage Platform systems to the latest patched versions of DKCMAIN and CHB(iSCSI) firmware as provided by Hitachi.

For further assistance or specific version details, users are advised to contact their Hitachi representative or support desk.

Executive Summary

CVE-2025-7737 is a denial-of-service (DoS) vulnerability in the 10G iSCSI interface of multiple Hitachi Virtual Storage Platform models. The vulnerability causes the iSCSI port to become unresponsive when it receives a large number of malicious packets.

This issue affects various Hitachi VSP models and specific versions of their DKCMAIN and CHB(iSCSI) firmware. Hitachi has released patched firmware versions to address this vulnerability.

Impact Analysis

The vulnerability can cause the iSCSI port on affected Hitachi Virtual Storage Platforms to become unresponsive, leading to a denial of service. This can disrupt storage access and availability, potentially impacting business operations that rely on these storage systems.

Compliance Impact

The provided information does not specify how the DoS vulnerability in the 10G iSCSI Interface of Hitachi Virtual Storage Platform affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-7737. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart