Multiple i-フィルター products contain an issue with incorrect default permissions. If this vulnerability is exploited, a local authenticated attacker may replace a service executable on the system where the product is running, potentially allowing arbitrary code execution with SYSTEM privileges.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 27 Aug 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 27 Aug 2025 05:45:00 +0000

Type Values Removed Values Added
Description Multiple i-フィルター products contain an issue with incorrect default permissions. If this vulnerability is exploited, a local authenticated attacker may replace a service executable on the system where the product is running, potentially allowing arbitrary code execution with SYSTEM privileges.
Weaknesses CWE-276
References
Metrics cvssV3_0

{'score': 7.8, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published:

Updated: 2025-08-27T14:52:39.319Z

Reserved: 2025-08-21T04:04:10.182Z

Link: CVE-2025-57846

cve-icon Vulnrichment

Updated: 2025-08-27T14:51:43.886Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-08-27T06:15:30.777

Modified: 2025-08-29T16:24:09.860

Link: CVE-2025-57846

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.