CVE-2026-26050
7.8
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Ricoh Company, Ltd. | ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール | versions prior to Ver.1.3.7 | affected |
Weaknesses
- CWE-427: Uncontrolled Search Path Element
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://support.ricoh.com/bbv2/html/dr_ut_d/ut/history/w/bb/pub_j/dr_ut_d/4101031/4101031555/V137/5260588/260588/history.htm
- https://jvn.jp/en/jp/JVN69531868/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.