CVE-2026-32679: Uncontrolled Search Path Element in Japan Media Systems Corporation Downloader5Installer.exe
The installers of LiveOn Meet Client for Windows (Downloader5Installer.exe and Downloader5InstallerForAdmin.exe) and the installers of Canon Network Camera Plugin (CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe) insecurely load Dynamic Link Libraries (DLLs). If a malicious DLL is placed at the same directory, the affected installer may load that DLL and execute its code with the privilege of the user invoking the installer.
AI Analysis
Technical Summary
The vulnerability arises from an uncontrolled search path element in the installers Downloader5Installer.exe, Downloader5InstallerForAdmin.exe, CanonNWCamPlugin.exe, and CanonNWCamPluginForAdmin.exe of Japan Media Systems Corporation products. These installers insecurely load Dynamic Link Libraries (DLLs) from their execution directory without proper validation, enabling an attacker who can place a malicious DLL in the same directory to have that DLL loaded and executed with the privileges of the user invoking the installer. This can result in arbitrary code execution with user-level privileges. The affected version is 1.0.0.0 of the software. The CVSS 3.0 base score is 7.8, reflecting high impact on confidentiality, integrity, and availability.
Potential Impact
Successful exploitation allows arbitrary code execution with the privileges of the user running the installer, potentially leading to full system compromise at the user level. Confidentiality, integrity, and availability of the affected system can be fully impacted. No known exploits in the wild have been reported to date.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should avoid running the affected installers from untrusted directories or locations where an attacker could place a malicious DLL. Running installers with least privilege and verifying the integrity of installation files before execution may reduce risk.
CVE-2026-32679: Uncontrolled Search Path Element in Japan Media Systems Corporation Downloader5Installer.exe
Description
The installers of LiveOn Meet Client for Windows (Downloader5Installer.exe and Downloader5InstallerForAdmin.exe) and the installers of Canon Network Camera Plugin (CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe) insecurely load Dynamic Link Libraries (DLLs). If a malicious DLL is placed at the same directory, the affected installer may load that DLL and execute its code with the privilege of the user invoking the installer.
CVSS v3.0
Score 7.8high
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability arises from an uncontrolled search path element in the installers Downloader5Installer.exe, Downloader5InstallerForAdmin.exe, CanonNWCamPlugin.exe, and CanonNWCamPluginForAdmin.exe of Japan Media Systems Corporation products. These installers insecurely load Dynamic Link Libraries (DLLs) from their execution directory without proper validation, enabling an attacker who can place a malicious DLL in the same directory to have that DLL loaded and executed with the privileges of the user invoking the installer. This can result in arbitrary code execution with user-level privileges. The affected version is 1.0.0.0 of the software. The CVSS 3.0 base score is 7.8, reflecting high impact on confidentiality, integrity, and availability.
Potential Impact
Successful exploitation allows arbitrary code execution with the privileges of the user running the installer, potentially leading to full system compromise at the user level. Confidentiality, integrity, and availability of the affected system can be fully impacted. No known exploits in the wild have been reported to date.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should avoid running the affected installers from untrusted directories or locations where an attacker could place a malicious DLL. Running installers with least privilege and verifying the integrity of installation files before execution may reduce risk.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- jpcert
- Date Reserved
- 2026-04-20T02:53:09.291Z
- Cvss Version
- 3.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69ea9e7887115cfb686fc3cc
Added to database: 4/23/2026, 10:34:32 PM
Last enriched: 4/23/2026, 11:21:11 PM
Last updated: 6/7/2026, 8:04:59 AM
Views: 47
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.