CVE-2026-27653 PUBLISHED

Assigner: jpcert
Reserved: 25.02.2026 Published: 27.02.2026 Updated: 27.02.2026

The installers for multiple products provided by Soliton Systems K.K. contain an issue with incorrect default permissions, which may allow arbitrary code to be executed with SYSTEM privileges.

Metrics

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVSS Score: 5.4

Product Status

Vendor Soliton Systems K.K.
Product Soliton SecureBrowser for OneGate
Versions
  • Version V1.0.0 is affected
Vendor Soliton Systems K.K.
Product Soliton SecureBrowser II
Versions
  • Version V2.0.0 to V2.0.14 is affected
Vendor Soliton Systems K.K.
Product Soliton SecureWorkspace (formerly WrappingBox)
Versions
  • Version V1.0.0 to V1.4.7 is affected

References

Problem Types