Hogo Kumamaru

Name of the Vulnerable Software and Affected Versions: Sony Audio USB Driver versions 1.10 and prior HAP Music Transfer versions 1.3.0 and prior Description: The issue allows an attacker to gain privileges and execute arbitrary code via a Trojan horse DLL in an unspecified directory. This is due to an untrusted search path vulnerability in the installer of the affected software. Recommendations: For Sony Audio USB Driver versions 1.10 and prior, update to a version later than 1.10 to resolve the issue. For HAP Music Transfer versions 1.3.0 and prior, update to a version later than 1.3.0 to resolve the issue. As a temporary workaround, consider restricting access to the installer to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: SKYSEA Client View versions 1.020.05b through 16.001.01g Description: The issue is related to an untrusted search path vulnerability in the installer, allowing an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Recommendations: For SKYSEA Client View versions 1.020.05b through 16.001.01g, consider restricting access to the installer to minimize the risk of exploitation until a patch is available.