Skip to main content

NAVER MYBOX Explorer CVE-2026-8148

| EUVDEUVD-2026-28530 HIGH
Incorrect Privilege Assignment (CWE-266)
2026-05-08 naver GHSA-9r2v-r8jf-9prp
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
May 08, 2026 - 19:22 vuln.today
CVSS changed
May 08, 2026 - 19:22 NVD
7.8 (HIGH)
CVE Published
May 08, 2026 - 04:36 nvd
HIGH 7.8
CVE Published
May 08, 2026 - 04:36 nvd
UNKNOWN (no severity yet)

DescriptionCVE.org

NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM via registry manipulation due to improper privilege checks.

AnalysisAI

Local attackers with standard user credentials can escalate privileges to NT AUTHORITY\SYSTEM in NAVER MYBOX Explorer for Windows through registry manipulation. The vulnerability affects versions prior to 3.0.11.160 and stems from improper privilege checks, allowing complete system control on compromised endpoints. EPSS risk is low at 0.02% (4th percentile), indicating minimal observed exploitation probability. No active exploitation has been reported and this vulnerability is not listed in CISA KEV.

Technical ContextAI

NAVER MYBOX Explorer is a cloud storage synchronization client for Windows. The vulnerability is rooted in CWE-266 (Incorrect Privilege Assignment), where the application fails to properly validate privilege boundaries when processing registry operations. Windows registry manipulation as a privilege escalation vector typically involves exploiting writable registry keys that control service behavior, scheduled tasks, or application startup parameters that execute with elevated privileges. The improper privilege checks allow a low-privileged user to modify registry entries that are subsequently processed by a higher-privileged component of MYBOX Explorer, resulting in code execution as NT AUTHORITY\SYSTEM - the highest privilege level on Windows systems.

RemediationAI

Upgrade NAVER MYBOX Explorer to version 3.0.11.160 or later, as confirmed by NAVER's security advisory at https://cve.naver.com/detail/cve-2026-8148.html. Organizations should prioritize endpoints where multiple users share systems or where users have interactive logon rights. If immediate patching is not feasible, implement compensating controls: restrict local user privileges through Windows User Account Control (UAC) enforcement and group policy to limit interactive logon rights to trusted administrators only, though this significantly impacts usability for legitimate MYBOX users. Monitor registry access to NAVER MYBOX Explorer paths using Windows Sysmon Event ID 13 (RegistryEvent) for unexpected modifications by non-SYSTEM accounts. Consider temporarily uninstalling MYBOX Explorer on high-value targets if business continuity permits alternative cloud storage solutions during patch deployment. Note that registry monitoring may generate high event volumes in production environments.

Share

CVE-2026-8148 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy