CVE-2026-39454

HIGH

SKYSEA Client View <=21.200.07j - Privilege Escalation

Title source: llm

Description

SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. configure the installation folder with improper file access permission settings. A non-administrative user may manipulate and/or place arbitrary files within the installation folder of the product. As a result, arbitrary code may be executed with the administrative privilege.

References (2)

https://www.skyseaclientview.net/news/260420_01/

https://jvn.jp/en/jp/JVN63376363/

Scores

CVSS v3 7.8

EPSS 0.0001

EPSS Percentile 2.2%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-276

Status published

Products (2)

Sky Co.,LTD./SKYMEC IT Manager Ver.2024.005.10a and earlier

Sky Co.,LTD./SKYSEA Client View Ver.21.200.07j and earlier

Published Apr 20, 2026

Tracked Since Apr 20, 2026