CVE-2026-27653

MEDIUM

Soliton Systems K.K. Installers - Privilege Escalation

Title source: llm
STIX 2.1

Description

The installers for multiple products provided by Soliton Systems K.K. contain an issue with incorrect default permissions, which may allow arbitrary code to be executed with SYSTEM privileges.

References (2)

Scores

CVSS v3 6.7
EPSS 0.0001
EPSS Percentile 1.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-276 CWE-863
Status published
Products (6)
soliton/securebrowser_for_onegate 1.0.0
soliton/securebrowser_ii 2.0.0 - 2.0.15
soliton/secureworkspace 1.0.0 - 1.4.8
Soliton Systems K.K./Soliton SecureBrowser for OneGate V1.0.0
Soliton Systems K.K./Soliton SecureBrowser II V2.0.0 to V2.0.14
Soliton Systems K.K./Soliton SecureWorkspace (formerly WrappingBox) V1.0.0 to V1.4.7
Published Feb 27, 2026
Tracked Since Feb 27, 2026