Digital Arts FinalCode Client Incorrect Default Permissions Vulnerability Allowing Arbitrary Code Execution with SYSTEM Privilege
Vulnerability
A vulnerability exists in the installer of FinalCode Client by Digital Arts Inc., specifically in versions of FinalCode Ver.5 series prior to 5.43R01 and Ver.6 series prior to 6.51R01. The issue arises from incorrect default permissions, allowing a non-administrative user to execute arbitrary code with SYSTEM privileges.
Impact
Exploitation of this vulnerability allows a non-administrative user to execute arbitrary code with SYSTEM privileges.
Remediation
Users are advised to update to the latest version of FinalCode Client. Version 6.51R01 was released on February 26, 2026, and version 5.43R01 is also available. Instructions for updating FinalCode Client can be found on the Digital Arts support site.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.