CVE-2025-26861_CVE-2025-26861

8.5 / 10

HIGH

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

RemoteCall Remote Support Program (for Operator) versions prior to 5.3.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution.

Basic Information

ID CVE-2025-26861

Source jpcert

Published Oct 15, 2025 at 06:07

Affected Product

Vendor RSUPPORT CO., LTD.

Product RemoteCall Remote Support Program (for Operator)

Version prior to 5.3.0

Affected Versions RSUPPORT CO., LTD. RemoteCall Remote Support Program (for Operator) prior to 5.3.0

CWE Classification

CWE-427

References

{
    "lastseen": "",
    "description": "RemoteCall Remote Support Program (for Operator) versions prior to 5.3.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder with the affected product, it may cause an arbitrary code execution.",
    "published": "2025-10-15T06:07:01.220Z",
    "modified": "2025-10-15T06:07:01.220Z",
    "type": "cve",
    "title": "CVE-2025-26861",
    "source": "jpcert",
    "references": "https://www.remotecall.com/en/support/download/\nhttps://jvn.jp/en/jp/JVN22713803/",
    "id": "CVE-2025-26861",
    "bulletinFamily": "",
    "cwe": [
        "CWE-427"
    ],
    "cvelist": null,
    "sourceData": "RSUPPORT CO., LTD. RemoteCall Remote Support Program (for Operator) prior to 5.3.0",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "RemoteCall Remote Support Program (for Operator)",
    "version": "prior to 5.3.0",
    "vendor": "RSUPPORT CO., LTD.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}