cvedb.io
CVE-2018-0623
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2018-09-07T14:29:00.273 · Last modified 2026-06-17T01:31:19.507

Summary

Untrusted search path vulnerability in Multiple Yayoi 17 Series products (Yayoi Kaikei 17 Series Ver.23.1.1 and earlier, Yayoi Aoiro Shinkoku 17 Ver.23.1.1 and earlier, Yayoi Kyuuyo 17 Ver.20.1.4 and earlier, Yayoi Kyuuyo Keisan 17 Ver.20.1.4 and earlier, Yayoi Hanbai 17 Series Ver. 20.0.2 and earlier, and Yayoi Kokyaku Kanri 17 Ver.11.0.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. This flaw exists within the handling of msjet49.dll loaded by the vulnerable products.

Affected products

yayoi-kk — aoiro_shinkoku

Does this affect you?

Add your gear to cvedb and we'll alert you only when yayoi-kk ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.