CVE-2025-57846

Summary

Multiple i-フィルター products contain an issue with incorrect default permissions. If this vulnerability is exploited, a local authenticated attacker may replace a service executable on the system where the product is running, potentially allowing arbitrary code execution with SYSTEM privileges.

Affected Software

VendorProductVersion RangeStatus
Digital Arts Inc.i-フィルター 6.0prior to 6.00.55affected
Digital Arts Inc.i-フィルター for マルチデバイスprior to 6.00.55 (Windows version only)affected
Digital Arts Inc.i-フィルター for ZAQprior to 6.00.55 (Windows version only)affected
Digital Arts Inc.i-フィルター for ネットカフェprior to 6.10.55affected
Digital Arts Inc.i-FILTER ブラウザー&クラウド MultiAgent for Windowsprior to 4.93.R11affected
Fujitsu LimitedFENCE-Mobile RemoteManager i-FILTER Browser Serviceprior to 4.93R11affected
OPTiM CorporationOptimal Biz Web Filtering Powered by i-FILTER (Windows version)prior to 4.93R11affected

Weaknesses

  • CWE-276: Incorrect default permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References