CVE-2026-32679

HIGH

Downloader5Installer.exe 1.0.0.0 - DLL Hijacking

Title source: llm

Description

The installers of LiveOn Meet Client for Windows (Downloader5Installer.exe and Downloader5InstallerForAdmin.exe) and the installers of Canon Network Camera Plugin (CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe) insecurely load Dynamic Link Libraries (DLLs). If a malicious DLL is placed at the same directory, the affected installer may load that DLL and execute its code with the privilege of the user invoking the installer.

References (2)

https://web.liveon.ne.jp/wp-content/uploads/2026/04/JMSSA2026-001.pdf

https://jvn.jp/en/jp/JVN45563482/

Scores

CVSS v3 7.8

EPSS 0.0001

EPSS Percentile 3.4%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-427

Status published

Products (4)

Japan Media Systems Corporation/CanonNWCamPlugin.exe Ver.1.0.0.0

Japan Media Systems Corporation/CanonNWCamPluginForAdmin.exe Ver.1.0.0.0

Japan Media Systems Corporation/Downloader5Installer.exe Ver.1.0.0.0

Japan Media Systems Corporation/Downloader5InstallerForAdmin.exe Ver.1.0.0.0

Published Apr 23, 2026

Tracked Since Apr 23, 2026