[Japanese]

JVNDB-2026-000077

Multiple vulnerabilities in ServerView Agents for Windows

Overview

ServerView Agents for Windows provided by Fsas Technologies Inc. is server management software.
ServerView Agents for Windows contains multiple vulnerabilities listed below.
  • Incorrect permission assignment for critical resource (CWE-732) - CVE-2026-27788
  • Privilege chaining (CWE-268) - CVE-2026-32325
MASAHIRO IIDA of LAC Co., Ltd. reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 7.8 (High) [IPA Score]
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS v4 Severity
Base Metrics: 8.5 (High) [IPA Score]
  • Access Vector (AV): Local
  • Attack Complexity (AC): Low
  • Attack Requirements (AT): None
  • Privileges Required (PR): Low
  • User Interaction (UI): None
    • Vulnerable System Impact
  • Confidentiality Impact (VC): High
  • Integrity Impact (VI): High
  • Availability Impact (VA): High
    • Subsequent System Impact
  • Confidentiality Impact (SC): None
  • Integrity Impact (SI): None
  • Availability Impact (SA): None
The above CVSS base scores have been assigned for CVE-2026-27788

CVSS v3 Severity
Base Metrics: 7.8(High) [IPA Score]
  • Access Vector : Local
  • Attack Complexity : Low
  • Privileges Required : Low
  • User Interaction : None
  • Scope : Unchanged
  • Confidentiality Impact : High
  • Integrity Impact : High
  • Availability Impact : High
CVSS v4 Severity
Base Metrics: 8.5 (High) [IPA Score]
  • Access Vector (AV): Local
  • Attack Complexity (AC): Low
  • Attack Requirements (AT): None
  • Privileges Required (PR): Low
  • User Interaction (UI): None
    • Vulnerable System Impact
  • Confidentiality Impact (VC): High
  • Integrity Impact (VI): High
  • Availability Impact (VA): High
    • Subsequent System Impact
  • Confidentiality Impact (SC): None
  • Integrity Impact (SI): None
  • Availability Impact (SA): None
The above CVSS base scores have been assigned for CVE-2026-32325
Affected Products


Fsas Technologies Inc.
  • ServerView Agents for Windows V11.60.04 and earlier

Impact

An attacker who can log in to the server where the affected product is installed may obtain SYSTEM privilege.
Solution

[Update the Software]
Update the software to the latest version according to the information provided by the developer.

[Apply the Workaround]
The developer recommends that the users should follow the workaround until applying the latest update.

For more details, refer to the information provided by the developer.
Vendor Information

Fsas Technologies Inc.
CWE (What is CWE?)

  1. No Mapping(CWE-Other) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2026-27788
  2. CVE-2026-32325
References

  1. JVN : JVN#67883085
Revision History

  • [2026/06/01]
      Web page was published

Date Public2026/06/01
Date First Published2026/06/01
Date Last Updated2026/06/01