CVE-2026-24694_CVE-2026-24694

7.8 / 10

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

The installer for Roland Cloud Manager ver.3.1.19 and prior insecurely loads Dynamic Link Libraries (DLLs), which could allow an attacker to execute arbitrary code with the privileges of the application.

Basic Information

ID CVE-2026-24694

Source jpcert

Published Feb 3, 2026 at 05:27

Affected Product

Vendor Roland Corporation

Product Roland Cloud Manager

Version ver.3.1.19 and prior

Affected Versions Roland Corporation Roland Cloud Manager ver.3.1.19 and prior

CWE Classification

CWE-427

References

{
    "lastseen": "",
    "description": "The installer for Roland Cloud Manager ver.3.1.19 and prior insecurely loads Dynamic Link Libraries (DLLs), which could allow an attacker to execute arbitrary code with the privileges of the application.",
    "published": "2026-02-03T05:27:56.739Z",
    "modified": "2026-02-03T05:27:56.739Z",
    "type": "cve",
    "title": "CVE-2026-24694",
    "source": "jpcert",
    "references": "https://www.roland.com/global/products/rc_roland_cloud_manager/support/#dl-support_documents\nhttps://jvn.jp/en/jp/JVN89992160/",
    "id": "CVE-2026-24694",
    "bulletinFamily": "",
    "cwe": [
        "CWE-427"
    ],
    "cvelist": null,
    "sourceData": "Roland Corporation Roland Cloud Manager ver.3.1.19 and prior",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "version": "3.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Roland Cloud Manager",
    "version": "ver.3.1.19 and prior",
    "vendor": "Roland Corporation",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}