Skip to main content

Ups Multi Ups Management Console CVE-2026-26034

HIGH
Incorrect Default Permissions (CWE-276)
2026-03-05 vultures@jpcert.or.jp
7.8
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 22:06 vuln.today
CVE Published
Mar 05, 2026 - 03:15 nvd
HIGH 7.8

DescriptionCVE.org

UPS Multi-UPS Management Console (MUMC) version 01.06.0001 (A03) contains an Incorrect Default Permissions (CWE-276) vulnerability that allows an attacker to execute arbitrary code with SYSTEM privileges by causing the application to load a specially crafted DLL.

AnalysisAI

Ups Multi-Ups Management Console versions up to 01.06.0001_\(a03\) is affected by incorrect default permissions (CVSS 7.8).

Technical ContextAI

This vulnerability (CWE-276: Incorrect Default Permissions) affects Ups Multi-Ups Management Console. UPS Multi-UPS Management Console (MUMC) version 01.06.0001 (A03) contains an Incorrect Default Permissions (CWE-276) vulnerability that allows an attacker to execute arbitrary code with SYSTEM privileges by causing the application to load a specially crafted DLL.

RemediationAI

Monitor vendor advisories for a patch.

Share

CVE-2026-26034 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy