CVE-2025-68919
📋 TL;DR
This improper access control vulnerability in Fujitsu ETERNUS SF management software allows non-admin users to access collected maintenance data, potentially compromising system confidentiality, integrity, and availability. It affects organizations running ETERNUS SF ACM/SC/Express management software. Exploitation requires valid (non-admin) user credentials on the management software.
💻 Affected Systems
- Fujitsu ETERNUS SF ACM
- ETERNUS SF SC
- ETERNUS SF Express
- DX Management Software
- AF Management Software
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
An attacker with user-level access could exfiltrate sensitive maintenance data, modify system configurations, or disrupt management operations, potentially leading to data breaches or service outages.
Likely Case
Unauthorized users accessing maintenance logs and system information, potentially enabling reconnaissance for further attacks or exposing sensitive operational data.
If Mitigated
Limited impact with proper access controls and network segmentation, restricting exposure to authorized administrative interfaces only.
🎯 Exploit Status
Exploitation requires authenticated, non-admin user access to the management software; it is not exploitable anonymously. No public exploit code had been disclosed as of the advisory date.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 16.8-16.9.1 PA 2025-12 or later
Vendor Advisory: https://security.ts.fujitsu.com/ProductSecurity/content/FsasTech-PSIRT-FTI-STR-2025-111413-Security-Notice.pdf
Restart Required: Yes
Instructions:
1. Download the patch from the Fujitsu support portal.
2. Back up the current configuration.
3. Apply the patch following the vendor instructions.
4. Restart the management software services.
5. Verify that the update was successful.
🔧 Temporary Workarounds
Restrict Access to Maintenance Data
Configure access controls so that only ETERNUS SF Admin users can access collected maintenance data.
Consult Fujitsu documentation for specific access control configuration commands
Network Segmentation
Isolate ETERNUS SF management interfaces to trusted administrative networks only.
Configure firewall rules to restrict access to management interfaces
🧯 If You Can't Patch
- Implement strict access controls ensuring only ETERNUS SF Admin users can access maintenance data
- Monitor access logs for unauthorized attempts to access maintenance data interfaces
🔍 How to Verify
Check if Vulnerable:
Check the ETERNUS SF version and applied patch level via the management interface or command line. Installations of 16.8 through 16.9.1 that do not have patch PA 2025-12 (or later) applied should be treated as vulnerable.
Check Version:
Consult Fujitsu documentation for version check command specific to your ETERNUS SF product variant
Verify Fix Applied:
Verify software version shows 16.8-16.9.1 PA 2025-12 or later, and test that non-admin users cannot access maintenance data.
📡 Detection & Monitoring
Log Indicators:
- Unauthorized access attempts to maintenance data interfaces
- User privilege escalation attempts
- Unusual access patterns to maintenance logs
Network Indicators:
- Unexpected connections to management interfaces from non-admin networks
- Traffic patterns indicating data exfiltration from maintenance interfaces
SIEM Query:
source="eternus-sf-logs" AND resource="maintenance_data" AND (event_type="access_denied" OR user_role!="admin")
The parentheses matter: without them, AND binds tighter than OR and the query would match every access_denied event from any resource. Field names are illustrative; map them to the fields your log source actually emits.
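The same detection logic, run offline over a handful of constructed log lines, as an added example that is not part of the original advisory or of any Fujitsu tooling. The log format and the field names (event_type, user, user_role, resource) are assumptions that mirror the SIEM query above; real ETERNUS SF logs will need their own parser. It flags any non-admin access to maintenance data, rating a granted access higher than a denied one, since a successful non-admin read is the direct symptom of this flaw.

```python
import re
from collections import Counter

# Constructed sample log lines (not real ETERNUS SF output). The key=value
# fields are assumptions mirroring the SIEM query; map them to your schema.
SAMPLE_LOGS = """\
2025-12-03T09:12:44Z source=eternus-sf-logs event_type=access_granted user=opsadmin user_role=admin resource=maintenance_data action=download
2025-12-03T09:13:02Z source=eternus-sf-logs event_type=access_granted user=jdoe user_role=user resource=maintenance_data action=download
2025-12-03T09:13:40Z source=eternus-sf-logs event_type=access_denied user=jdoe user_role=user resource=maintenance_data action=download
2025-12-03T09:14:11Z source=eternus-sf-logs event_type=access_granted user=jdoe user_role=user resource=dashboard action=view
2025-12-03T09:15:00Z source=eternus-sf-logs event_type=access_granted user=svc_backup user_role=operator resource=maintenance_data action=download
"""

# key=value pairs; values may be bare tokens or double-quoted strings
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_line(line):
    """Parse one key=value log line into a dict; the first token is the timestamp."""
    ts, _, rest = line.partition(" ")
    fields = {k: v.strip('"') for k, v in KV_RE.findall(rest)}
    fields["timestamp"] = ts
    return fields


def flag_events(log_text, admin_roles=("admin",)):
    """Return events worth alerting on for maintenance-data access.

    Mirrors the SIEM query: resource must be maintenance_data, and the event is
    either a denial (probing) or comes from a non-admin role. A *granted*
    non-admin access is rated high because it is the direct symptom of the flaw
    (or of the patch not being applied); a denial is rated medium.
    """
    alerts = []
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        ev = parse_line(raw)
        if ev.get("resource") != "maintenance_data":
            continue
        denied = ev.get("event_type") == "access_denied"
        if ev.get("user_role") in admin_roles and not denied:
            continue  # legitimate admin access, nothing to report
        alerts.append({
            "timestamp": ev["timestamp"],
            "user": ev.get("user"),
            "role": ev.get("user_role"),
            "event_type": ev.get("event_type"),
            "severity": "medium" if denied else "high",
        })
    return alerts


def summarize(alerts):
    """Count alerts per (user, severity) so repeated probing by one account stands out."""
    return Counter((a["user"], a["severity"]) for a in alerts)


if __name__ == "__main__":
    found = flag_events(SAMPLE_LOGS)
    for alert in found:
        print(alert)
    print(summarize(found))
```

On the sample above this yields three alerts: two high (non-admin users jdoe and svc_backup granted access) and one medium (jdoe denied). Tune `admin_roles` to whatever role name your deployment uses for ETERNUS SF Admin.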