virus logo Threat Signal Report

Hitachi Vantara Pentaho BA Server Vulnerabilities

What is the Vulnerability?

Threat actors are actively exploiting vulnerabilities in the Hitachi Vantara Pentaho Business Analytics Server. FortiGuard network sensors have detected attack attempts on over 500 devices, and CISA has added these vulnerabilities to the Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation.

The Pentaho Business Analytics Server is widely used, trusted by 73% of Fortune 100 companies, and plays a crucial role in data analysis and business intelligence.

Affected Vulnerabilities
CVE-2022-43939: Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability
CVE-2022-43769: Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability

What is the recommended Mitigation?

Apply the latest patch or update from the vendor. [CVE-2022-43769 and CVE-2022-43939]

What FortiGuard Coverage is available?

  • Patch Immediately – FortiGuard Labs strongly recommends applying vendor fixes as soon as they are available. Follow all guidance from the official vendor advisory.

  • Intrusion Prevention System (IPS) Protection – FortiGuard Labs provides IPS signatures to detect and block exploitation attempts for CVE-2022-43769 and CVE-2022-43939.
    Intrusion Prevention | FortiGuard Labs

  • Incident Response Support – If a compromise is suspected, the FortiGuard Incident Response team is available for assistance.

Additional Resources

CVE-2022-43769
CVE-2022-43939
Intrusion Prevention | FortiGuard Labs


Released Date Mar 04, 2025
Tags Threat Signal Vulnerability
CVE ID

Experienced a Breach? We're here to help

FortiGuard Incident Response Services
FortiGuard Incident Response Services
About FortiGuard Threat Signal

Learn More »