CVE-2026-32680_CVE-2026-32680

7.8 / 10

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

The installer of RATOC RAID Monitoring Manager for Windows allows to customize the installation folder. If the installation folder is customized to some non-default one, the folder may be left with un-secure ACLs and non-administrative users can alter contents of that folder. It may allow a non-administrative user to execute an arbitrary code with SYSTEM privilege.

Basic Information

ID CVE-2026-32680

Source jpcert

Published Mar 26, 2026 at 06:55

Modified Mar 26, 2026 at 14:13

Affected Product

Vendor RATOC Systems, Inc.

Product RATOC RAID Monitoring Manager for Windows

Version prior to 2.00.009.260220

Affected Versions RATOC Systems, Inc. RATOC RAID Monitoring Manager for Windows prior to 2.00.009.260220

CWE Classification

CWE-276

References

{
    "lastseen": "",
    "description": "The installer of RATOC RAID Monitoring Manager for Windows allows to customize the installation folder. If the installation folder is customized to some non-default one, the folder may be left with un-secure ACLs and non-administrative users can alter contents of that folder. It may allow a non-administrative user to execute an arbitrary code with SYSTEM privilege.",
    "published": "2026-03-26T06:55:18.684Z",
    "modified": "2026-03-26T14:13:14.348Z",
    "type": "cve",
    "title": "CVE-2026-32680",
    "source": "jpcert",
    "references": "https://www.ratocsystems.com/topics/userinfo/raidmanager202508/\nhttps://jvn.jp/en/jp/JVN08057419/",
    "id": "CVE-2026-32680",
    "bulletinFamily": "",
    "cwe": [
        "CWE-276"
    ],
    "cvelist": null,
    "sourceData": "RATOC Systems, Inc. RATOC RAID Monitoring Manager for Windows prior to 2.00.009.260220",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "RATOC RAID Monitoring Manager for Windows",
    "version": "prior to 2.00.009.260220",
    "vendor": "RATOC Systems, Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}