Improper restriction of communication channel to intended endpoints issue exists in UpdateNavi V1.4 L10 to L33 and UpdateNaviInstallService Service 1.2.0091 to 1.2.0125. If a local authenticated attacker send malicious data, an arbitrary registry value may be modified or arbitrary code may be executed.
| Балл | 7.1 — высокая |
| Вектор | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |