CVE-2026-27653
MEDIUM WAF: Low
CVSS 6.7
Published: 2026-02-27
CWE-863
The installers for multiple products provided by Soliton Systems K.K. contain an issue with incorrect default permissions, which may allow arbitrary code to be executed with SYSTEM privileges.
WAF Coverage Analysis
Incorrect Authorization
Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Affected Software
| Vendor | Product | Version |
|---|---|---|
| soliton | securebrowser_for_onegate | 1.0.0 |
| soliton | securebrowser_ii | 2.0.0 - 2.0.15 |
| soliton | secureworkspace | 1.0.0 - 1.4.8 |
References
- jvn.jp (Third Party Advisory)
- www.soliton.co.jp (Vendor Advisory)