HIGHCVE-2026-32679Published Modified CNA jpcert
CVE-2026-32679: The installers of LiveOn Meet Client for Windows (Downloader5Installer
The installers of LiveOn Meet Client for Windows (Downloader5Installer.exe and Downloader5InstallerForAdmin.exe) and the installers of Canon Network Camera Plugin (CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe) insecurely load Dynamic Link Libraries (DLLs). If a malicious DLL is placed at the same directory, the affected installer may load that DLL and execute its code with the privilege of the user invoking the installer.
Metrics
- CVSS v4.0
- 8.4
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 4
Affected packages
- Japan Media Systems Corporation / Downloader5Installer.exeVer.1.0.0.0
- Japan Media Systems Corporation / Downloader5InstallerForAdmin.exeVer.1.0.0.0
- Japan Media Systems Corporation / CanonNWCamPlugin.exeVer.1.0.0.0
- Japan Media Systems Corporation / CanonNWCamPluginForAdmin.exeVer.1.0.0.0
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:NReferences