{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-57846", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "state": "PUBLISHED", "assignerShortName": "jpcert", "dateReserved": "2025-08-21T04:04:10.182Z", "datePublished": "2025-08-27T05:28:42.925Z", "dateUpdated": "2025-08-27T14:52:39.319Z"}, "containers": {"cna": {"affected": [{"vendor": "Digital Arts Inc.", "product": "i-\u30d5\u30a3\u30eb\u30bf\u30fc 6.0", "versions": [{"version": "prior to 6.00.55", "status": "affected"}]}, {"vendor": "Digital Arts Inc.", "product": "i-\u30d5\u30a3\u30eb\u30bf\u30fc for \u30de\u30eb\u30c1\u30c7\u30d0\u30a4\u30b9", "versions": [{"version": "prior to 6.00.55 (Windows version only)", "status": "affected"}]}, {"vendor": "Digital Arts Inc.", "product": "i-\u30d5\u30a3\u30eb\u30bf\u30fc for ZAQ", "versions": [{"version": "prior to 6.00.55 (Windows version only)", "status": "affected"}]}, {"vendor": "Digital Arts Inc.", "product": "i-\u30d5\u30a3\u30eb\u30bf\u30fc for \u30cd\u30c3\u30c8\u30ab\u30d5\u30a7", "versions": [{"version": "prior to 6.10.55", "status": "affected"}]}, {"vendor": "Digital Arts Inc.", "product": "i-FILTER \u30d6\u30e9\u30a6\u30b6\u30fc\uff06\u30af\u30e9\u30a6\u30c9 MultiAgent for Windows", "versions": [{"version": "prior to 4.93.R11", "status": "affected"}]}, {"vendor": "Fujitsu Limited", "product": "FENCE-Mobile RemoteManager i-FILTER Browser Service", "versions": [{"version": "prior to 4.93R11", "status": "affected"}]}, {"vendor": "OPTiM Corporation", "product": "Optimal Biz Web Filtering Powered by i-FILTER (Windows version)", "versions": [{"version": "prior to 4.93R11", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "Multiple i-\u30d5\u30a3\u30eb\u30bf\u30fc products contain an issue with incorrect default permissions. If this vulnerability is exploited, a local authenticated attacker may replace a service executable on the system where the product is running, potentially allowing arbitrary code execution with SYSTEM privileges."}], "problemTypes": [{"descriptions": [{"description": "Incorrect default permissions", "lang": "en-US", "cweId": "CWE-276", "type": "CWE"}]}], "references": [{"url": "https://www.daj.jp/shared/php/downloadset/c/parts.php?page=dl&filename=information_20250827_01.pdf"}, {"url": "https://www.daj.jp/shared/php/downloadset/c/parts.php?page=dl&filename=information_20250827_02.pdf"}, {"url": "https://jvn.jp/en/jp/JVN55678602/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_0": {"version": "3.0", "baseSeverity": "HIGH", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}, {"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV4_0": {"version": "4.0", "baseSeverity": "HIGH", "baseScore": 8.5, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2025-08-27T05:28:42.925Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-27T14:47:59.700143Z", "id": "CVE-2025-57846", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-27T14:52:39.319Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-57846", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-08-27T14:47:59.700143Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-27T14:51:43.886Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"version": "4.0", "baseScore": 8.5, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Digital Arts Inc.", "product": "i-\u30d5\u30a3\u30eb\u30bf\u30fc 6.0", "versions": [{"status": "affected", "version": "prior to 6.00.55"}]}, {"vendor": "Digital Arts Inc.", "product": "i-\u30d5\u30a3\u30eb\u30bf\u30fc for \u30de\u30eb\u30c1\u30c7\u30d0\u30a4\u30b9", "versions": [{"status": "affected", "version": "prior to 6.00.55 (Windows version only)"}]}, {"vendor": "Digital Arts Inc.", "product": "i-\u30d5\u30a3\u30eb\u30bf\u30fc for ZAQ", "versions": [{"status": "affected", "version": "prior to 6.00.55 (Windows version only)"}]}, {"vendor": "Digital Arts Inc.", "product": "i-\u30d5\u30a3\u30eb\u30bf\u30fc for \u30cd\u30c3\u30c8\u30ab\u30d5\u30a7", "versions": [{"status": "affected", "version": "prior to 6.10.55"}]}, {"vendor": "Digital Arts Inc.", "product": "i-FILTER \u30d6\u30e9\u30a6\u30b6\u30fc\uff06\u30af\u30e9\u30a6\u30c9 MultiAgent for Windows", "versions": [{"status": "affected", "version": "prior to 4.93.R11"}]}, {"vendor": "Fujitsu Limited", "product": "FENCE-Mobile RemoteManager i-FILTER Browser Service", "versions": [{"status": "affected", "version": "prior to 4.93R11"}]}, {"vendor": "OPTiM Corporation", "product": "Optimal Biz Web Filtering Powered by i-FILTER (Windows version)", "versions": [{"status": "affected", "version": "prior to 4.93R11"}]}], "references": [{"url": "https://www.daj.jp/shared/php/downloadset/c/parts.php?page=dl&filename=information_20250827_01.pdf"}, {"url": "https://www.daj.jp/shared/php/downloadset/c/parts.php?page=dl&filename=information_20250827_02.pdf"}, {"url": "https://jvn.jp/en/jp/JVN55678602/"}], "descriptions": [{"lang": "en", "value": "Multiple i-\u30d5\u30a3\u30eb\u30bf\u30fc products contain an issue with incorrect default permissions. If this vulnerability is exploited, a local authenticated attacker may replace a service executable on the system where the product is running, potentially allowing arbitrary code execution with SYSTEM privileges."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-276", "description": "Incorrect default permissions"}]}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2025-08-27T05:28:42.925Z"}}}, "cveMetadata": {"cveId": "CVE-2025-57846", "state": "PUBLISHED", "dateUpdated": "2025-08-27T14:52:39.319Z", "dateReserved": "2025-08-21T04:04:10.182Z", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "datePublished": "2025-08-27T05:28:42.925Z", "assignerShortName": "jpcert"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple i-\u30d5\u30a3\u30eb\u30bf\u30fc products contain an issue with incorrect default permissions. If this vulnerability is exploited, a local authenticated attacker may replace a service executable on the system where the product is running, potentially allowing arbitrary code execution with SYSTEM privileges."}, {"lang": "es", "value": "Varios productos i-????? presentan un problema con permisos predeterminados incorrectos. Si se explota esta vulnerabilidad, un atacante local autenticado podr\u00eda reemplazar un ejecutable de servicio en el sistema donde se ejecuta el producto, lo que podr\u00eda permitir la ejecuci\u00f3n de c\u00f3digo arbitrario con privilegios de SYSTEM."}], "id": "CVE-2025-57846", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "vultures@jpcert.or.jp", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "vultures@jpcert.or.jp", "type": "Secondary"}]}, "published": "2025-08-27T06:15:30.777", "references": [{"source": "vultures@jpcert.or.jp", "url": "https://jvn.jp/en/jp/JVN55678602/"}, {"source": "vultures@jpcert.or.jp", "url": "https://www.daj.jp/shared/php/downloadset/c/parts.php?page=dl&filename=information_20250827_01.pdf"}, {"source": "vultures@jpcert.or.jp", "url": "https://www.daj.jp/shared/php/downloadset/c/parts.php?page=dl&filename=information_20250827_02.pdf"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-276"}], "source": "vultures@jpcert.or.jp", "type": "Secondary"}]}

{}

{}