8.8
CVE-2026-27776
- EPSS 0.08%
- Veröffentlicht 27.02.2026 07:50:42
- Zuletzt bearbeitet 23.03.2026 14:21:07
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
LoginIM-LogicDesigner module of intra-mart Accel Platform contains insecure deserialization issue. This can be exploited only when IM-LogicDesigner is deployed on the system. Arbitrary code may be executed when some crafted file is imported by a user with the administrative privilege.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Intra-mart ≫ Accel Platform Version8.0.4 Update-
Intra-mart ≫ Accel Platform Version8.0.5 Update-
Intra-mart ≫ Accel Platform Version8.0.6 Update-
Intra-mart ≫ Accel Platform Version8.0.7 Update-
Intra-mart ≫ Accel Platform Version8.0.8 Update-
Intra-mart ≫ Accel Platform Version8.0.9 Update-
Intra-mart ≫ Accel Platform Version8.0.10 Update-
Intra-mart ≫ Accel Platform Version8.0.11 Update-
Intra-mart ≫ Accel Platform Version8.0.12 Update-
Intra-mart ≫ Accel Platform Version8.0.13 Update-
Intra-mart ≫ Accel Platform Version8.0.14 Update-
Intra-mart ≫ Accel Platform Version8.0.15 Update-
Intra-mart ≫ Accel Platform Version8.0.16 Update-
Intra-mart ≫ Accel Platform Version8.0.17 Update-
Intra-mart ≫ Accel Platform Version8.0.19 Update-
Intra-mart ≫ Accel Platform Version8.0.20 Update-
Intra-mart ≫ Accel Platform Version8.0.21 Update-
Intra-mart ≫ Accel Platform Version8.0.22 Update-
Intra-mart ≫ Accel Platform Version8.0.23 Update-
Intra-mart ≫ Accel Platform Version8.0.24 Update-
Intra-mart ≫ Accel Platform Version8.0.25 Update-
Intra-mart ≫ Accel Platform Version8.0.26 Update-
Intra-mart ≫ Accel Platform Version8.0.27 Update-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.242 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| vultures@jpcert.or.jp | 8.6 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| vultures@jpcert.or.jp | 7.2 | 1.2 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
CWE-502 Deserialization of Untrusted Data
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.