ГлавнаяУязвимости → CVE-2025-35978
7.1высокая

CVE-2025-35978

Описание

Improper restriction of communication channel to intended endpoints issue exists in UpdateNavi V1.4 L10 to L33 and UpdateNaviInstallService Service 1.2.0091 to 1.2.0125. If a local authenticated attacker send malicious data, an arbitrary registry value may be modified or arbitrary code may be executed.

CVSS
Балл7.1 — высокая
ВекторCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Источники
https://azby.fmworld.net/support/security/information/updatenavi202506/https://jvn.jp/en/jp/JVN17860456/