Volerion logoVolerion
Volerion logoVolerion

Soliton Systems Products Incorrect Default Permissions Allowing Arbitrary Code Execution with SYSTEM Privileges

Vulnerability

A vulnerability exists in the installers of multiple products by Soliton Systems K.K. due to incorrect default file access permissions. This flaw may enable arbitrary code execution with SYSTEM privileges. Affected products include Soliton SecureBrowser for OneGate version 1.0.0, Soliton SecureBrowser II versions 2.0.0 to 2.0.14, and Soliton SecureWorkspace (formerly WrappingBox) versions 1.0.0 to 1.4.7.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution with SYSTEM privileges.

Remediation

Users should update to the latest version of the affected product. For Soliton SecureBrowser for OneGate, update to version 1.0.1; for Soliton SecureBrowser II, update to version 2.0.15; and for Soliton SecureWorkspace, update to version 1.4.8. Note that updating may revert the installation path to the default, which could affect deployment if the software was originally installed in a non-default location.

Added: Feb 27, 2026, 6:23 AM
Updated: Feb 27, 2026, 2:37 PM

Vulnerability Rating

Custom Algorithm
spread
0.0
impact
10.0
exploitability
3.3
remediation
0.0
relevance
3.3
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.