CVE-2026-25191

Summary

The installer of FinalCode Client provided by Digital Arts Inc. contains an issue with the DLL search path. If a user is directed to place a malicious DLL file and the installer to the same directory and execute the installer, arbitrary code may be executed with the installer's execution privilege.

Affected Software

VendorProductVersion RangeStatus
Digital Arts Inc.FinalCode Ver.5 seriesprior to 5.43R01affected
Digital Arts Inc.FinalCode Ver.6 seriesprior to 6.51R01affected

Weaknesses

  • CWE-427: Uncontrolled Search Path Element

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References