[Japanese]

JVNDB-2026-000009

Installer of Fujitsu ServerView Agents for Windows may insecurely load Dynamic Link Libraries

Overview

The installer of ServerView Agents for Windows provided by Fsas Technologies Inc. contains the following vulnerability.
  • Uncontrolled search path element (CWE-427) - CVE-2026-24016
Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 7.8 (High) [IPA Score]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
Affected Products


Fsas Technologies Inc.
  • ServerView Agents for Windows V11.50.06 and earlier

Impact

Arbitrary code may be executed with the administrator privilege when the installer is executed.
Solution

[Use the latest installer]
Use the latest installer provided by the developer.
Vendor Information

Fsas Technologies Inc.
CWE (What is CWE?)

  1. No Mapping(CWE-Other) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2026-24016
References

  1. JVN : JVNTA#91240916
  2. JVN : JVN#65211823
Revision History

  • [2026/01/21]
      Web page was published

Date Public2026/01/21
Date First Published2026/01/21
Date Last Updated2026/01/21