HIGHCVE-2026-23703Published 2026-02-26Modified 2026-02-26CNA jpcert

CVE-2026-23703: The installer of FinalCode Client provided by Digital Arts Inc

The installer of FinalCode Client provided by Digital Arts Inc. contains an incorrect default permissions vulnerability. A non-administrative user may execute arbitrary code with SYSTEM privilege.

CVSS v4.0: 8.5
Severity: HIGH
Fixed in: —
Affected Products: 2

Affected packages

Digital Arts Inc. / FinalCode Ver.5 series
prior to 5.43R01
Digital Arts Inc. / FinalCode Ver.6 series
prior to 6.51R01

CVSS Vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

References

daj.jp
jvn.jp

Metrics