CVE-2018-0624

Name of the Vulnerable Software and Affected Versions Yayoi Kaikei 17 Series versions 23.1.1 and earlier Yayoi Aoiro Shinkoku 17 versions 23.1.1 and earlier Yayoi Kyuuyo 17 versions 20.1.4 and earlier Yayoi Kyuuyo Keisan 17 versions 20.1.4 and earlier Yayoi Hanbai 17 Series versions 20.0.2 and earlier Yayoi Kokyaku Kanri 17 versions 11.0.2 and earlier

Description The issue allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. This flaw exists within the handling of ykkapi.dll loaded by the vulnerable products.

Recommendations For Yayoi Kaikei 17 Series versions 23.1.1 and earlier, consider restricting access to the ykkapi.dll until a patch is available. For Yayoi Aoiro Shinkoku 17 versions 23.1.1 and earlier, consider restricting access to the ykkapi.dll until a patch is available. For Yayoi Kyuuyo 17 versions 20.1.4 and earlier, consider restricting access to the ykkapi.dll until a patch is available. For Yayoi Kyuuyo Keisan 17 versions 20.1.4 and earlier, consider restricting access to the ykkapi.dll until a patch is available. For Yayoi Hanbai 17 Series versions 20.0.2 and earlier, consider restricting access to the ykkapi.dll until a patch is available. For Yayoi Kokyaku Kanri 17 versions 11.0.2 and earlier, consider restricting access to the ykkapi.dll until a patch is available.