CVE-2021-20722

Summary

Untrusted search path vulnerability in the installers of ScanSnap Manager prior to versions V7.0L20 and the Software Download Installer prior to WinSSInst2JP.exe and WinSSInst2iX1500JP.exe allows an attacker to gain privileges and execute arbitrary code with the privilege of the user invoking the installer via a Trojan horse DLL in an unspecified directory.

Affected Software

VendorProductVersion RangeStatus
FUJITSU LIMITED and PFU LIMITEDThe installers of ScanSnap Manager and the Software Download InstallerThe installers of ScanSnap Manager prior to versions V7.0L20 and the Software Download Installer prior to WinSSInst2JP.exe and WinSSInst2iX1500JP.exeaffected

Weaknesses

  • Untrusted search path vulnerability

ADP Enrichment

CVE Program Container

Additional References

References