cvedb.io
CVE-2018-16545
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2018-09-05T19:29:00.983 · Last modified 2026-06-17T01:44:27.697

Summary

Kaizen Asset Manager (Enterprise Edition) and Training Manager (Enterprise Edition) allow a remote attacker to achieve arbitrary code execution via file impersonation. For example, a malicious dynamic-link library (dll) assumed the identity of a temporary (tmp) file (isxdl.dll) and an executable file assumed the identity of a temporary file (996E.temp).

Affected products

kzsoftware — asset_manager

Does this affect you?

Add your gear to cvedb and we'll alert you only when kzsoftware ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.