CVE-2026-24694

HIGH

Roland Cloud Manager <3.1.19 - Code Injection

Title source: llm

Description

The installer for Roland Cloud Manager ver.3.1.19 and prior insecurely loads Dynamic Link Libraries (DLLs), which could allow an attacker to execute arbitrary code with the privileges of the application.

References (2)

[Various Sources] https://www.roland.com/global/products/rc_roland_cloud_manager/support/#dl-support_documents

[Third Party Advisory] https://jvn.jp/en/jp/JVN89992160/

Scores

CVSS v3 7.8

EPSS 0.0002

EPSS Percentile 6.1%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-427

Status published

Products (1)

Roland Corporation/Roland Cloud Manager ver.3.1.19 and prior

Published Feb 03, 2026

Tracked Since Feb 18, 2026