CVE-2026-24466_CVE-2026-24466

6.7 / 10

MEDIUM

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Description

Products provided by Oki Electric Industry Co., Ltd. and its OEM products (Ricoh Co., Ltd., Murata Machinery, Ltd.) register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.

Basic Information

ID CVE-2026-24466

Source jpcert

Published Feb 9, 2026 at 06:59

Affected Product

Vendor Oki Electric Industry Co., Ltd.

Product See "References" section

Version See "References" section

Affected Versions Oki Electric Industry Co., Ltd. See "References" section See "References" section
Ricoh Company, Ltd. See "References" section See "References" section
Murata Machinery, Ltd. See "References" section See "References" section

CWE Classification

CWE-428

References

{
    "lastseen": "",
    "description": "Products provided by Oki Electric Industry Co., Ltd. and its OEM products (Ricoh Co., Ltd., Murata Machinery, Ltd.) register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.",
    "published": "2026-02-09T06:59:30.186Z",
    "modified": "2026-02-09T06:59:30.186Z",
    "type": "cve",
    "title": "CVE-2026-24466",
    "source": "jpcert",
    "references": "https://www.oki.com/jp/product_security/sa_2026_0001_en.html\nhttps://www.oki.com/jp/printing/support/important-information/2026/info-260209/index.html\nhttps://jp.ricoh.com/security/products/vulnerabilities/vul?id=ricoh-2026-000002\nhttps://www.muratec.jp/ce/support/announce_sp_20260209.html\nhttps://jvn.jp/en/jp/JVN55395471/",
    "id": "CVE-2026-24466",
    "bulletinFamily": "",
    "cwe": [
        "CWE-428"
    ],
    "cvelist": null,
    "sourceData": "Oki Electric Industry Co., Ltd. See \"References\" section See \"References\" section\nRicoh Company, Ltd. See \"References\" section See \"References\" section\nMurata Machinery, Ltd. See \"References\" section See \"References\" section",
    "sourceHref": "",
    "cvss": {
        "score": 6.7,
        "severity": "MEDIUM",
        "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "See \"References\" section",
    "version": "See \"References\" section",
    "vendor": "Oki Electric Industry Co., Ltd.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}