CVE-2026-32679: Uncontrolled Search Path Element in Japan Media Systems Corporation Downloader5Installer.exe
CVE-2026-32679 is a high-severity vulnerability in Japan Media Systems Corporation's Downloader5Installer. exe and related installers. These installers insecurely load DLLs from their own directory, allowing a malicious DLL placed alongside the installer to be loaded and executed with the privileges of the user running the installer. This can lead to full compromise of confidentiality, integrity, and availability of the affected system. The vulnerability affects version 1. 0. 0. 0 of the software. No official patch or remediation guidance has been provided yet, and no known exploits are reported in the wild.
AI Analysis
Technical Summary
The vulnerability arises from an uncontrolled search path element in the installers Downloader5Installer.exe, Downloader5InstallerForAdmin.exe, CanonNWCamPlugin.exe, and CanonNWCamPluginForAdmin.exe of Japan Media Systems Corporation products. These installers insecurely load Dynamic Link Libraries (DLLs) from their execution directory without proper validation, enabling an attacker who can place a malicious DLL in the same directory to have that DLL loaded and executed with the privileges of the user invoking the installer. This can result in arbitrary code execution with user-level privileges. The affected version is 1.0.0.0 of the software. The CVSS 3.0 base score is 7.8, reflecting high impact on confidentiality, integrity, and availability.
Potential Impact
Successful exploitation allows arbitrary code execution with the privileges of the user running the installer, potentially leading to full system compromise at the user level. Confidentiality, integrity, and availability of the affected system can be fully impacted. No known exploits in the wild have been reported to date.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should avoid running the affected installers from untrusted directories or locations where an attacker could place a malicious DLL. Running installers with least privilege and verifying the integrity of installation files before execution may reduce risk.
CVE-2026-32679: Uncontrolled Search Path Element in Japan Media Systems Corporation Downloader5Installer.exe
Description
CVE-2026-32679 is a high-severity vulnerability in Japan Media Systems Corporation's Downloader5Installer. exe and related installers. These installers insecurely load DLLs from their own directory, allowing a malicious DLL placed alongside the installer to be loaded and executed with the privileges of the user running the installer. This can lead to full compromise of confidentiality, integrity, and availability of the affected system. The vulnerability affects version 1. 0. 0. 0 of the software. No official patch or remediation guidance has been provided yet, and no known exploits are reported in the wild.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability arises from an uncontrolled search path element in the installers Downloader5Installer.exe, Downloader5InstallerForAdmin.exe, CanonNWCamPlugin.exe, and CanonNWCamPluginForAdmin.exe of Japan Media Systems Corporation products. These installers insecurely load Dynamic Link Libraries (DLLs) from their execution directory without proper validation, enabling an attacker who can place a malicious DLL in the same directory to have that DLL loaded and executed with the privileges of the user invoking the installer. This can result in arbitrary code execution with user-level privileges. The affected version is 1.0.0.0 of the software. The CVSS 3.0 base score is 7.8, reflecting high impact on confidentiality, integrity, and availability.
Potential Impact
Successful exploitation allows arbitrary code execution with the privileges of the user running the installer, potentially leading to full system compromise at the user level. Confidentiality, integrity, and availability of the affected system can be fully impacted. No known exploits in the wild have been reported to date.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should avoid running the affected installers from untrusted directories or locations where an attacker could place a malicious DLL. Running installers with least privilege and verifying the integrity of installation files before execution may reduce risk.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- jpcert
- Date Reserved
- 2026-04-20T02:53:09.291Z
- Cvss Version
- 3.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69ea9e7887115cfb686fc3cc
Added to database: 4/23/2026, 10:34:32 PM
Last enriched: 4/23/2026, 11:21:11 PM
Last updated: 4/24/2026, 6:28:43 AM
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.