CVE-2025-62577

High CVSS: 8.4

ETERNUS SF provided by Fsas Technologies Inc. contains an incorrect default permissions vulnerability. A low-privileged user with access to the management server may obtain database credentials, potentially allowing execution of OS commands with administrator privileges.

Vendor

Product

CWE

CWE-276

Yayın Tarihi

2025-10-20 06:15:36

Güncelleme

2025-11-03 16:15:36

Source Identifier

vultures@jpcert.or.jp

KEV Date Added

Kategoriler

CWE-276 HIGH 2025

Referanslar

https://jvn.jp/en/jp/JVN44266462/ https://www.fsastech.com/ja-jp/resources/security/2025/1020.html https://www.fujitsu.com/global/support/products/computing/storage/20251020/index.html https://security.ts.fujitsu.com/ProductSecurity/content/FsasTech-PSIRT-FTI-STR-2025-102005-Security-Notice.pdf