CVE-2026-23703 is a vulnerability identified in the installer of Digital Arts Inc.'s FinalCode Ver.5 series, specifically affecting versions prior to 5.43R01. The root cause is incorrect default permissions assigned during the installation process, which inadvertently allow non-administrative users to execute arbitrary code with SYSTEM-level privileges. SYSTEM privileges represent the highest level of access on Windows systems, enabling full control over the affected machine. The vulnerability is local (AV:L), meaning an attacker must have some level of access to the system but only requires low privileges (PR:L) to exploit it. No user interaction (UI:N) is necessary, and the scope remains unchanged (S:U), indicating the exploit affects only the vulnerable component without extending to other system components. The impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H), as an attacker can fully compromise the system, potentially leading to data breaches, system manipulation, or denial of service. Although no known exploits are reported in the wild, the vulnerability's nature makes it a critical target for attackers seeking privilege escalation. The vulnerability was published on February 26, 2026, and assigned a CVSS v3.0 score of 7.8, reflecting its high severity. FinalCode is a data protection and encryption product widely used in enterprise environments, especially in sectors requiring stringent data security. The incorrect permissions likely stem from misconfigured Access Control Lists (ACLs) or insecure file/folder permissions during installation, which should be corrected by the vendor's patch. Until patched, attackers with local access can leverage this flaw to gain SYSTEM privileges and compromise the entire system.

The vulnerability allows local attackers with low privileges to escalate their rights to SYSTEM level, which is the highest privilege on Windows systems. This can lead to complete system compromise, including unauthorized access to sensitive data, modification or deletion of critical files, installation of persistent malware, and disruption of system availability. Organizations using FinalCode Ver.5 in environments with multiple users or shared access are at particular risk, as any non-administrative user could exploit this flaw to gain full control. This could result in data breaches, intellectual property theft, and operational downtime. Given FinalCode's role in data protection, exploitation could undermine the integrity of encrypted data and the trustworthiness of security controls. The absence of known exploits in the wild reduces immediate risk but does not eliminate the threat, especially as attackers may develop exploits following public disclosure. The vulnerability's local attack vector limits remote exploitation but does not reduce the severity in environments where insider threats or compromised accounts exist.

1. Apply the vendor's patch or update to FinalCode Ver.5.43R01 or later as soon as it becomes available to correct the installer permissions. 2. Until patching is possible, restrict local user access to systems running vulnerable versions of FinalCode to trusted personnel only. 3. Conduct a thorough audit of file and folder permissions related to FinalCode installation directories and executables to identify and remediate insecure ACLs. 4. Implement strict endpoint security controls, including application whitelisting and behavior monitoring, to detect and prevent unauthorized code execution. 5. Use least privilege principles to limit user rights on affected systems, minimizing the risk of privilege escalation. 6. Monitor system logs for unusual activities indicative of privilege escalation attempts. 7. Educate IT staff and users about the risks of local privilege escalation vulnerabilities and the importance of timely patching. 8. Consider deploying host-based intrusion detection/prevention systems (HIDS/HIPS) to detect exploitation attempts targeting this vulnerability.