HIGHCVE-2026-21427Published Modified CNA jpcert
CVE-2026-21427: The installers for multiple products provided by PIONEER CORPORATION contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries
The installers for multiple products provided by PIONEER CORPORATION contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running installer.
Metrics
- CVSS v4.0
- 8.5
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 10
Affected packages
- PIONEER CORPORATION / USB DAC Amplifier APS-DA101JSall versions
- PIONEER CORPORATION / USB DAC Amplifier APS-DA101JRall versions
- PIONEER CORPORATION / USB DAC Amplifier APS-DA101JGLall versions
- PIONEER CORPORATION / USB DAC Amplifier APS-DA101JGRall versions
- PIONEER CORPORATION / Stellanova Lite APS-S201JSall versions
- PIONEER CORPORATION / Stellanova Lite APS-S201JRall versions
- PIONEER CORPORATION / Stellanova Lite APS-S201JGLall versions
- PIONEER CORPORATION / Stellanova Lite APS-S201JGRall versions
- PIONEER CORPORATION / Stellanova Limited APS-S202J-LMall versions
- PIONEER CORPORATION / Stellanova APS-S301 seriesall versions
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:NReferences