Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    1 vulnerability by DENSO TEN Limited

    JVNDB-2025-000082

    Vulnerability from jvndb - Published: 2025-10-06 15:38 - Updated:2025-10-06 15:38
    Severity
    Summary
    The installers of DENSO TEN drive recorder viewer may insecurely load Dynamic Link Libraries
    Details
    The installers of DENSO TEN drive recorder viewer may insecurely load Dynamic Link Libraries. * Uncontrolled search path element (CWE-427) - CVE-2025-57781 This vulnerability is exploited by directing a user to download and place a crafted DLL file with the affected installer, and to execute the installer. Takeru Naito of MOTEX Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000082.html",
      "dc:date": "2025-10-06T15:38+09:00",
      "dcterms:issued": "2025-10-06T15:38+09:00",
      "dcterms:modified": "2025-10-06T15:38+09:00",
      "description": "The installers of DENSO TEN drive recorder viewer may insecurely load Dynamic Link Libraries.\r\n\r\n* Uncontrolled search path element (CWE-427) - CVE-2025-57781\r\n\r\nThis vulnerability is exploited by directing a user to download and place a crafted DLL file with the affected installer, and to execute the installer.\r\n\r\nTakeru Naito of MOTEX Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000082.html",
      "sec:cpe": {
        "#text": "cpe:/o:misc:densoten_multiple_product",
        "@product": "(Multiple Products)",
        "@vendor": "DENSO TEN Limited",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "7.8",
        "@severity": "High",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2025-000082",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN95806263/index.html",
          "@id": "JVN#95806263",
          "@source": "JVN"
        },
        {
          "#text": "https://jvn.jp/en/jp/JVN72748502/index.html",
          "@id": "JVN#72748502",
          "@source": "JVN"
        },
        {
          "#text": "https://jvn.jp/en/ta/JVNTA91240916/",
          "@id": "JVNTA#91240916",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2025-57781",
          "@id": "CVE-2025-57781",
          "@source": "CVE"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "The installers of DENSO TEN drive recorder viewer may insecurely load Dynamic Link Libraries"
    }