Description
An arbitrary file overwrite vulnerability in PDF Reader App : TA/UTAX Mobile Print v3.7.2.251001 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.
Published: 2026-03-31
Score: n/a
EPSS: n/a
KEV: No
Impact: Arbitrary Code Execution and Information Exposure
Action: Immediate Patch
AI Analysis

Impact

An attacker can overwrite critical internal files by using the file import feature, which allows the application to write arbitrary data to protected locations. This vulnerability enables code execution if the attacker supplies a malicious file or permits disclosure of sensitive data. The weakness stems from inadequate validation of file paths and permissions during the import process.

Affected Systems

The flaw is found in the PDF Reader App component of TA/UTAX Mobile Print version 3.7.2.251001. No other vendors or products are listed; the affected software runs on mobile platforms, likely Android or iOS.

Risk and Exploitability

The CVSS score is not provided, but the potential for arbitrary code execution indicates a high severity level. EPSS data is unavailable and the vulnerability is not listed in CISA’s KEV catalog. The likely attack vector involves delivering a crafted file (e.g., via email or download) that the user opens, enabling the attacker to trigger the file overwrite. No official patch or workaround is indicated in the current data.

Generated by OpenCVE AI on March 31, 2026 at 18:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor’s latest patch for TA/UTAX Mobile Print as soon as it becomes available.
  • If a patch cannot be applied immediately, disable or remove the file import functionality to block potential uploads.
  • Verify file integrity and monitor for unusual file operations to detect exploitation attempts.

Generated by OpenCVE AI on March 31, 2026 at 18:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 01 Apr 2026 02:15:00 +0000

Type Values Removed Values Added
Title Arbitrary File Overwrite in TA/UTAX Mobile Print Leading to Code Execution
Weaknesses CWE-22

Tue, 31 Mar 2026 17:30:00 +0000

Type Values Removed Values Added
Description An arbitrary file overwrite vulnerability in PDF Reader App : TA/UTAX Mobile Print v3.7.2.251001 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.
References

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-03-31T16:59:49.942Z

Reserved: 2026-03-04T00:00:00.000Z

Link: CVE-2026-30277

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-03-31T18:16:46.740

Modified: 2026-03-31T18:16:46.740

Link: CVE-2026-30277

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-31T19:56:52Z

Weaknesses