CVE-2017-10822
HIGHInstaller for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program - Untrusted Search Path
Title source: llmDescription
Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30) distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
References (1)
Core 1
Core References
Third Party Advisory, Vendor Advisory third-party-advisory
x_refsource_jvn
https://jvn.jp/en/jp/JVN71104430/index.html
Scores
CVSS v3
7.8
EPSS
0.0106
EPSS Percentile
60.1%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-426
Status
published
Products (2)
Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)/Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30)
Distributed on the website until 2017 May 17
enecho.meti/shin_sekiyu_yunyu_chousa_houkoku_data_nyuryoku_program
Published
Aug 18, 2017
Tracked Since
Feb 18, 2026