CVE-2026-28267

5.5 MEDIUM
Published: March 10, 2026 Modified: March 11, 2026
View on NVD

Description

Multiple i-フィルター products are configured with improper file access permission settings. Files may be created or overwritten in the system directory or backup directory by a non-administrative user.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://biz3.optim.co.jp/
Source: vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN17307628/
Source: vultures@jpcert.or.jp
https://sd.fjsd001.dfcenter.jp.fujitsu.com/portal/ja/kb/articles/windows%E3%81%AE%E3%83%AA%E3%83%AA%E3%83%BC%E3%82%B9%E3%83%8E%E3%83%BC%E3%83%88
Source: vultures@jpcert.or.jp
https://www.daj.jp/shared/php/downloadset/c/parts.php?page=dl&filename=information_20260309_01.pdf
Source: vultures@jpcert.or.jp
https://www.daj.jp/shared/php/downloadset/c/parts.php?page=dl&filename=information_20260309_02.pdf
Source: vultures@jpcert.or.jp
https://www.mobi-connect.net/file/ifilter/
Source: vultures@jpcert.or.jp

6 reference(s) from NVD

Quick Stats

CVSS v3 Score
5.5 / 10.0
EPSS (Exploit Probability)
0.0%
2th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-276

Related CVEs

CVE-2026-32899 4.3
CVE-2026-32898 5.4
CVE-2026-32897 3.7
CVE-2026-32896 4.8
CVE-2026-32895 5.4