PT-2026-23127 · Unknown · Ups Multi-Ups Management Console
Kazuma Matsumoto
·
Published
2026-03-05
·
Updated
2026-03-09
·
CVE-2026-26034
CVSS v4.0
8.5
High
| Vector | AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
UPS Multi-UPS Management Console (MUMC) version 01.06.0001 (A03)
Description
The UPS Multi-UPS Management Console (MUMC) version 01.06.0001 (A03) has an issue related to incorrect default permissions. This allows an attacker to execute arbitrary code with SYSTEM privileges by causing the application to load a specially crafted DLL.
Recommendations
Update to a newer version that contains a fix for this vulnerability.
Fix
LPE
Incorrect Default Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ups Multi-Ups Management Console