Search
Find a vulnerability
Search criteria
3 vulnerabilities found for PC Time Tracer by Keiyo System Co., LTD
CVE-2025-46355 (GCVE-0-2025-46355)
Vulnerability from nvd – Published: 2025-06-03 08:09 – Updated: 2025-06-03 13:54
VLAI
Summary
Incorrect default permissions issue in PC Time Tracer prior to 5.2. If exploited, arbitrary code may be executed with SYSTEM privilege on Windows system where the product is running by a local authenticated attacker.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-276 - Incorrect default permissions
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Keiyo System Co., LTD | PC Time Tracer |
Affected:
prior to 5.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46355",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-03T13:54:27.240391Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T13:54:42.604Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PC Time Tracer",
"vendor": "Keiyo System Co., LTD",
"versions": [
{
"status": "affected",
"version": "prior to 5.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incorrect default permissions issue in PC Time Tracer prior to 5.2. If exploited, arbitrary code may be executed with SYSTEM privilege on Windows system where the product is running by a local authenticated attacker."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "Incorrect default permissions",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T08:09:47.909Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.keiyo-system.co.jp/archives/11305"
},
{
"url": "https://jvn.jp/en/jp/JVN05562338/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-46355",
"datePublished": "2025-06-03T08:09:47.909Z",
"dateReserved": "2025-05-28T02:51:59.281Z",
"dateUpdated": "2025-06-03T13:54:42.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-46355 (GCVE-0-2025-46355)
Vulnerability from cvelistv5 – Published: 2025-06-03 08:09 – Updated: 2025-06-03 13:54
VLAI
Summary
Incorrect default permissions issue in PC Time Tracer prior to 5.2. If exploited, arbitrary code may be executed with SYSTEM privilege on Windows system where the product is running by a local authenticated attacker.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-276 - Incorrect default permissions
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Keiyo System Co., LTD | PC Time Tracer |
Affected:
prior to 5.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46355",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-03T13:54:27.240391Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T13:54:42.604Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PC Time Tracer",
"vendor": "Keiyo System Co., LTD",
"versions": [
{
"status": "affected",
"version": "prior to 5.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incorrect default permissions issue in PC Time Tracer prior to 5.2. If exploited, arbitrary code may be executed with SYSTEM privilege on Windows system where the product is running by a local authenticated attacker."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "Incorrect default permissions",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T08:09:47.909Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.keiyo-system.co.jp/archives/11305"
},
{
"url": "https://jvn.jp/en/jp/JVN05562338/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-46355",
"datePublished": "2025-06-03T08:09:47.909Z",
"dateReserved": "2025-05-28T02:51:59.281Z",
"dateUpdated": "2025-06-03T13:54:42.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
JVNDB-2025-000035
Vulnerability from jvndb - Published: 2025-06-03 14:40 - Updated:2025-06-03 14:40
Severity
Summary
Improper file access permission settings in PC Time Tracer
Details
PC Time Tracer provided by Keiyo System Co., LTD contains a vulnerability listed below.
- Incorrect default permissions (CWE-276) - CVE-2025-46355
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000035.html",
"dc:date": "2025-06-03T14:40+09:00",
"dcterms:issued": "2025-06-03T14:40+09:00",
"dcterms:modified": "2025-06-03T14:40+09:00",
"description": "PC Time Tracer provided by Keiyo System Co., LTD contains a vulnerability listed below.\r\n\u003cul\u003e\u003cli\u003eIncorrect default permissions (CWE-276) - CVE-2025-46355\u003c/li\u003e\u003c/ul\u003e\r\n\r\nRuslan Sayfiev and Masahiro Kawada of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000035.html",
"sec:cpe": {
"#text": "cpe:/a:misc:keiyo_system_pc_time_tracer",
"@product": "PC Time Tracer",
"@vendor": "Keiyo System Co., LTD",
"@version": "2.2"
},
"sec:cvss": {
"@score": "7.3",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2025-000035",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN05562338/index.html",
"@id": "JVN#05562338",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2025-46355",
"@id": "CVE-2025-46355",
"@source": "CVE"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Improper file access permission settings in PC Time Tracer"
}