CVE-2026-32679

Summary

The installers of LiveOn Meet Client for Windows (Downloader5Installer.exe and Downloader5InstallerForAdmin.exe) and the installers of Canon Network Camera Plugin (CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe) insecurely load Dynamic Link Libraries (DLLs). If a malicious DLL is placed at the same directory, the affected installer may load that DLL and execute its code with the privilege of the user invoking the installer.

Affected Software

VendorProductVersion RangeStatus
Japan Media Systems CorporationDownloader5Installer.exeVer.1.0.0.0affected
Japan Media Systems CorporationDownloader5InstallerForAdmin.exeVer.1.0.0.0affected
Japan Media Systems CorporationCanonNWCamPlugin.exeVer.1.0.0.0affected
Japan Media Systems CorporationCanonNWCamPluginForAdmin.exeVer.1.0.0.0affected

Weaknesses

  • CWE-427: Uncontrolled Search Path Element

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References