Digital Arts i-フィルター Products Improper File Access Permissions Vulnerability Allowing Arbitrary Code Execution

A vulnerability exists in multiple i-フィルター products by Digital Arts Inc. due to incorrect default file access permissions. This issue affects i-フィルター 6.0, i-フィルター for マルチデバイス (Windows version only), i-フィルター for ZAQ (Windows version only), i-フィルター for ネットカフェ, and i-FILTER ブラウザー＆クラウド MultiAgent for Windows, all prior to specific versions. The vulnerability allows a local authenticated attacker to replace a service executable on the system, potentially leading to arbitrary code execution with SYSTEM privileges.

Impact

Exploitation of this vulnerability could result in unauthorized replacement of service executables, allowing for arbitrary code execution with elevated SYSTEM privileges.

Remediation

Users are advised to update to the latest versions of the affected products. For i-フィルター 6.0, i-フィルター for マルチデバイス, and i-フィルター for ZAQ, the latest version is 6.00.55. For i-フィルター for ネットカフェ, the latest version is 6.10.55. Users of i-FILTER ブラウザー＆クラウド MultiAgent for Windows should update to version 4.93R11. Instructions for updating and uninstalling these products are available on the Digital Arts website.