HIGHCVE-2026-39454Published Modified CNA jpcert
CVE-2026-39454: SKYSEA Client View and SKYMEC IT Manager provided by Sky Co
SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. configure the installation folder with improper file access permission settings. A non-administrative user may manipulate and/or place arbitrary files within the installation folder of the product. As a result, arbitrary code may be executed with the administrative privilege.
Metrics
- CVSS v4.0
- 8.5
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 2
Affected packages
- Sky Co.,LTD. / SKYSEA Client ViewVer.21.200.07j and earlier
- Sky Co.,LTD. / SKYMEC IT ManagerVer.2024.005.10a and earlier
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:NReferences