Search criteria
3 vulnerabilities found for PC Time Tracer by Keiyo System Co., LTD
CVE-2025-46355 (GCVE-0-2025-46355)
Vulnerability from cvelistv5 – Published: 2025-06-03 08:09 – Updated: 2025-06-03 13:54
VLAI?
Summary
Incorrect default permissions issue in PC Time Tracer prior to 5.2. If exploited, arbitrary code may be executed with SYSTEM privilege on Windows system where the product is running by a local authenticated attacker.
Severity ?
CWE
- CWE-276 - Incorrect default permissions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Keiyo System Co., LTD | PC Time Tracer |
Affected:
prior to 5.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46355",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-03T13:54:27.240391Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T13:54:42.604Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PC Time Tracer",
"vendor": "Keiyo System Co., LTD",
"versions": [
{
"status": "affected",
"version": "prior to 5.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incorrect default permissions issue in PC Time Tracer prior to 5.2. If exploited, arbitrary code may be executed with SYSTEM privilege on Windows system where the product is running by a local authenticated attacker."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "Incorrect default permissions",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T08:09:47.909Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.keiyo-system.co.jp/archives/11305"
},
{
"url": "https://jvn.jp/en/jp/JVN05562338/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-46355",
"datePublished": "2025-06-03T08:09:47.909Z",
"dateReserved": "2025-05-28T02:51:59.281Z",
"dateUpdated": "2025-06-03T13:54:42.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-46355 (GCVE-0-2025-46355)
Vulnerability from nvd – Published: 2025-06-03 08:09 – Updated: 2025-06-03 13:54
VLAI?
Summary
Incorrect default permissions issue in PC Time Tracer prior to 5.2. If exploited, arbitrary code may be executed with SYSTEM privilege on Windows system where the product is running by a local authenticated attacker.
Severity ?
CWE
- CWE-276 - Incorrect default permissions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Keiyo System Co., LTD | PC Time Tracer |
Affected:
prior to 5.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46355",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-03T13:54:27.240391Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T13:54:42.604Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PC Time Tracer",
"vendor": "Keiyo System Co., LTD",
"versions": [
{
"status": "affected",
"version": "prior to 5.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incorrect default permissions issue in PC Time Tracer prior to 5.2. If exploited, arbitrary code may be executed with SYSTEM privilege on Windows system where the product is running by a local authenticated attacker."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "Incorrect default permissions",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T08:09:47.909Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.keiyo-system.co.jp/archives/11305"
},
{
"url": "https://jvn.jp/en/jp/JVN05562338/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-46355",
"datePublished": "2025-06-03T08:09:47.909Z",
"dateReserved": "2025-05-28T02:51:59.281Z",
"dateUpdated": "2025-06-03T13:54:42.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
JVNDB-2025-000035
Vulnerability from jvndb - Published: 2025-06-03 14:40 - Updated:2025-06-03 14:40
Severity ?
Summary
Improper file access permission settings in PC Time Tracer
Details
PC Time Tracer provided by Keiyo System Co., LTD contains a vulnerability listed below.
- Incorrect default permissions (CWE-276) - CVE-2025-46355
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000035.html",
"dc:date": "2025-06-03T14:40+09:00",
"dcterms:issued": "2025-06-03T14:40+09:00",
"dcterms:modified": "2025-06-03T14:40+09:00",
"description": "PC Time Tracer provided by Keiyo System Co., LTD contains a vulnerability listed below.\r\n\u003cul\u003e\u003cli\u003eIncorrect default permissions (CWE-276) - CVE-2025-46355\u003c/li\u003e\u003c/ul\u003e\r\n\r\nRuslan Sayfiev and Masahiro Kawada of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000035.html",
"sec:cpe": {
"#text": "cpe:/a:misc:keiyo_system_pc_time_tracer",
"@product": "PC Time Tracer",
"@vendor": "Keiyo System Co., LTD",
"@version": "2.2"
},
"sec:cvss": {
"@score": "7.3",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2025-000035",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN05562338/index.html",
"@id": "JVN#05562338",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2025-46355",
"@id": "CVE-2025-46355",
"@source": "CVE"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Improper file access permission settings in PC Time Tracer"
}