HIGHCVE-2026-26050Published Modified CNA jpcert
CVE-2026-26050: The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver
The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges.
Metrics
- CVSS v4.0
- 8.4
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 1
Affected packages
- Ricoh Company, Ltd. / ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツールversions prior to Ver.1.3.7
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:NReferences