CVE-2025-62577

🗓️ 20 Oct 2025 05:32:41Reported by jpcertType

CVE-2025-62577: ETERNUS SF exposes database credentials to low-privileged management users enabling admin command execution.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-62577	20 Oct 202506:05	–	circl
CNNVD	Fsas Technologies ETERNUS SF 安全漏洞	20 Oct 202500:00	–	cnnvd
Cvelist	CVE-2025-62577	20 Oct 202505:32	–	cvelist
EUVD	EUVD-2025-35035	20 Oct 202505:32	–	euvd
Japan Vulnerability Notes	ETERNUS SF vulnerable to incorrect default permissions	20 Oct 202505:20	–	jvn
NVD	CVE-2025-62577	20 Oct 202506:15	–	nvd
RedhatCVE	CVE-2025-62577	21 Oct 202506:31	–	redhatcve
Vulnrichment	CVE-2025-62577	20 Oct 202505:32	–	vulnrichment

Vulners

Node

fsas_technologies_inc.eternus_sf_advancedcopy_manager_standard_edition_(for_solaris_10/_11)

fsas_technologies_inc.eternus_sf_storage_cruiser_(for_solaris_10/_11)

fsas_technologies_inc.eternus_sf_advancedcopy_manager_standard_edition_(for_rhel_7/_8/_9)

fsas_technologies_inc.eternus_sf_expressn_(for_rhel_7/_8/_9)

fsas_technologies_inc.eternus_sf_storage_cruisern_(for_rhel_7/_8/_9)

fsas_technologies_inc.eternus_sf_advancedcopy_manager_standard_edition_(for_windows_server_2016/_2019/_2022)

fsas_technologies_inc.eternus_sf_express_(for_windows_server_2016/_2019/_2022)

fsas_technologies_inc.eternus_sf_storage_cruiser_(for_windows_server_2016/_2019/_2022)

[
  {
    "vendor": "Fsas Technologies Inc.",
    "product": "ETERNUS SF AdvancedCopy Manager Standard Edition (for Solaris 10/ 11)",
    "versions": [
      {
        "version": "15.0/ 15.1/ 15.2/ 15.3/ 16.0/ 16.1/ 16.2/ 16.3/ 16.4/ 16.5/ 16.6/ 16.7/ 16.8/ 16.9/ 16.9.1",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fsas Technologies Inc.",
    "product": "ETERNUS SF Storage Cruiser (for Solaris 10/ 11)",
    "versions": [
      {
        "version": "15.0/ 15.1/ 15.2/ 15.3/ 16.0/ 16.1/ 16.2/ 16.3/ 16.4/ 16.5/ 16.6/ 16.7/ 16.8/ 16.9/ 16.9.1",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fsas Technologies Inc.",
    "product": "ETERNUS SF AdvancedCopy Manager Standard Edition (for RHEL 7/ 8/ 9)",
    "versions": [
      {
        "version": "16.2/ 16.3/ 16.4/ 16.5/ 16.6/ 16.7/ 16.8/ 16.9/ 16.9.1",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fsas Technologies Inc.",
    "product": "ETERNUS SF Expressn (for RHEL 7/ 8/ 9)",
    "versions": [
      {
        "version": "16.2/ 16.3/ 16.4/ 16.5/ 16.6/ 16.7/ 16.8/ 16.9/ 16.9.1",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fsas Technologies Inc.",
    "product": "ETERNUS SF Storage Cruisern (for RHEL 7/ 8/ 9)",
    "versions": [
      {
        "version": "16.2/ 16.3/ 16.4/ 16.5/ 16.6/ 16.7/ 16.8/ 16.9/ 16.9.1",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fsas Technologies Inc.",
    "product": "ETERNUS SF AdvancedCopy Manager Standard Edition (for Windows Server 2016/ 2019/ 2022)",
    "versions": [
      {
        "version": "16.4/ 16.5/ 16.6/ 16.7/ 16.8/ 16.9/ 16.9.1",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fsas Technologies Inc.",
    "product": "ETERNUS SF Express (for Windows Server 2016/ 2019/ 2022)",
    "versions": [
      {
        "version": "16.4/ 16.5/ 16.6/ 16.7/ 16.8/ 16.9/ 16.9.1",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Fsas Technologies Inc.",
    "product": "ETERNUS SF Storage Cruiser (for Windows Server 2016/ 2019/ 2022)",
    "versions": [
      {
        "version": "16.4/ 16.5/ 16.6/ 16.7/ 16.8/ 16.9/ 16.9.1",
        "status": "affected"
      }
    ]
  }
]

Source	Link
jvn	www.jvn.jp/en/jp/JVN44266462/
fsastech	www.fsastech.com/ja-jp/resources/security/2025/1020.html
fujitsu	www.fujitsu.com/global/support/products/computing/storage/20251020/index.html
security	www.security.ts.fujitsu.com/ProductSecurity/content/FsasTech-PSIRT-FTI-STR-2025-102005-Security-Notice.pdf

15 Apr 2026 00:35Current

6.9Medium risk

Vulners AI Score6.9

CVSS 48.4

CVSS 38.8

EPSS0.00019

SSVC

CWE-276