Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for RATOC RAID Monitoring Manager by RATOC Systems, Inc.

    JVNDB-2026-000044

    Vulnerability from jvndb - Published: 2026-03-26 17:41 - Updated:2026-03-26 17:41
    Severity
    Summary
    Multiple vulnerabilities in the installer of RATOC RAID Monitoring Manager for Windows
    Details
    The installer of RATOC RAID Monitoring Manager for Windows provided by RATOC Systems, Inc. contains multiple vulnerabilities listed below.
    • Uncontrolled search path element (CWE-427) - CVE-2026-28760
    • Incorrect default permissions (CWE-276) - CVE-2026-32680
    Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-000044.html",
      "dc:date": "2026-03-26T17:41+09:00",
      "dcterms:issued": "2026-03-26T17:41+09:00",
      "dcterms:modified": "2026-03-26T17:41+09:00",
      "description": "The installer of RATOC RAID Monitoring Manager for Windows provided by RATOC Systems, Inc. contains multiple vulnerabilities listed below.\u003ca href=\u0027https://cwe.mitre.org/data/definitions/427.html\u0027 target=\u0027_blank\u0027\u003e\u003c/a\u003e\u003ca href=\u0027https://cwe.mitre.org/data/definitions/276.html\u0027 target=\u0027_blank\u0027\u003e\u003c/a\u003e\u003cul\u003e\u003cli\u003eUncontrolled search path element (CWE-427) - CVE-2026-28760\u003c/li\u003e\u003cli\u003eIncorrect default permissions (CWE-276) - CVE-2026-32680\u003c/li\u003e\u003c/ul\u003eKazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-000044.html",
      "sec:cpe": {
        "#text": "cpe:/a:misc:ratoc_raidutility",
        "@product": "RATOC RAID Monitoring Manager",
        "@vendor": "RATOC Systems, Inc.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "7.8",
        "@severity": "High",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2026-000044",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN08057419/index.html",
          "@id": "JVN#08057419",
          "@source": "JVN"
        },
        {
          "#text": "https://jvn.jp/en/ta/JVNTA91240916/",
          "@id": "JVNTA#91240916",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2026-28760",
          "@id": "CVE-2026-28760",
          "@source": "CVE"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2026-32680",
          "@id": "CVE-2026-32680",
          "@source": "CVE"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Multiple vulnerabilities in the installer of RATOC RAID Monitoring Manager for Windows"
    }

    JVNDB-2025-000073

    Vulnerability from jvndb - Published: 2025-09-05 16:20 - Updated:2025-09-05 16:20
    Severity
    Summary
    RATOC RAID Monitoring Manager for Windows registers a Windows service with an unquoted file path
    Details
    RATOC RAID Monitoring Manager for Windows provided by RATOC Systems, Inc. contains the following vulnerability.
    • Unquoted search path or element (CWE-428) - CVE-2025-58400
    Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000073.html",
      "dc:date": "2025-09-05T16:20+09:00",
      "dcterms:issued": "2025-09-05T16:20+09:00",
      "dcterms:modified": "2025-09-05T16:20+09:00",
      "description": "RATOC RAID Monitoring Manager for Windows provided by RATOC Systems, Inc. contains the following vulnerability.\u003cul\u003e\u003cli\u003eUnquoted search path or element (CWE-428) - CVE-2025-58400\u003c/li\u003e\u003c/ul\u003e\r\nKazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000073.html",
      "sec:cpe": {
        "#text": "cpe:/a:misc:ratoc_raidutility",
        "@product": "RATOC RAID Monitoring Manager",
        "@vendor": "RATOC Systems, Inc.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "6.7",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2025-000073",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN98737186/index.html",
          "@id": "JVN#98737186",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-58400",
          "@id": "CVE-2025-58400",
          "@source": "CVE"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "RATOC RAID Monitoring Manager for Windows registers a Windows service with an unquoted file path"
    }