216.73.217.86

CVE-2025-9818

· Published 17/09/2025 04:16 · Modified 17/09/2025 14:18

Labels: CVE-2025-9818 2025-09-17CVE-2025-9818CWE-428bba440f9-ef23-4224-aa62-7ac0935d18d1

Essential information

Published
17/09/2025 04:16
Modified
17/09/2025 14:18
Author
Creator
CVSS
6.7 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

A vulnerability (CWE-428) has been identified in the Uninterruptible Power Supply (UPS) management application provided by OMRON SOCIAL SOLUTIONS Co., Ltd., where the executable file paths of Windows services are not enclosed in quotation marks. If the installation folder path of this product contains spaces, there is a possibility that unauthorized files may be executed under the service privileges by using paths containing spaces.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
bba440f9-ef23-4224-aa62-7ac0935d18d1
NVD
View on NVD

Affected products (CPE)

ProductCPE
omron / ups management application cpe:2.3:a:omron:ups_management_application:*:*:*:*:*:*:*:*

References