← voltar
CVE-2026-21427

CVE-2026-21427

CVSS 8.5 HIGHEPSS 0.2%CWE-427
The installers for multiple products provided by PIONEER CORPORATION contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running installer.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
PIONEER CORPORATION · Stellanova APS-S301 seriesPIONEER CORPORATION · Stellanova Limited APS-S202J-LMPIONEER CORPORATION · Stellanova Lite APS-S201JGLPIONEER CORPORATION · Stellanova Lite APS-S201JGRPIONEER CORPORATION · Stellanova Lite APS-S201JRPIONEER CORPORATION · Stellanova Lite APS-S201JSPIONEER CORPORATION · USB DAC Amplifier APS-DA101JGLPIONEER CORPORATION · USB DAC Amplifier APS-DA101JGRPIONEER CORPORATION · USB DAC Amplifier APS-DA101JRPIONEER CORPORATION · USB DAC Amplifier APS-DA101JS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://jpn.pioneer/ja/support/software/stellanova/dac_driver/https://jvn.jp/en/jp/JVN17956874/