Published:2026/01/21 Last Updated:2026/01/21
JVN#65211823
Installer of Fujitsu ServerView Agents for Windows may insecurely load Dynamic Link Libraries
Overview
The installer of ServerView Agents for Windows provided by Fsas Technologies Inc. may insecurely load Dynamic Link Libraries.
Products Affected
- ServerView Agents for Windows V11.50.06 and earlier
Description
The installer of ServerView Agents for Windows provided by Fsas Technologies Inc. contains the following vulnerability.
- Uncontrolled search path element (CWE-427)
- CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 8.4
- CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Base Score 7.8
- CVE-2026-24016
Impact
Arbitrary code may be executed with the administrator privilege when the installer is executed.
Solution
Use the latest installer
Use the latest installer provided by the developer.
Vendor Status
| Vendor | Status | Last Update | Vendor Notes |
|---|---|---|---|
| Fsas Technologies Inc. | Vulnerable | 2026/01/21 | Fsas Technologies Inc. website |
References
-
Japan Vulnerability Notes JVNTA#91240916
Insecure DLL Loading and Command Execution Issues on Many Windows Application Programs
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2026-24016 |
| JVN iPedia |
JVNDB-2026-000009 |