Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
1 vulnerability by DENSO TEN Limited
JVNDB-2025-000082
Vulnerability from jvndb - Published: 2025-10-06 15:38 - Updated:2025-10-06 15:38
Severity
Summary
The installers of DENSO TEN drive recorder viewer may insecurely load Dynamic Link Libraries
Details
The installers of DENSO TEN drive recorder viewer may insecurely load Dynamic Link Libraries.
* Uncontrolled search path element (CWE-427) - CVE-2025-57781
This vulnerability is exploited by directing a user to download and place a crafted DLL file with the affected installer, and to execute the installer.
Takeru Naito of MOTEX Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000082.html",
"dc:date": "2025-10-06T15:38+09:00",
"dcterms:issued": "2025-10-06T15:38+09:00",
"dcterms:modified": "2025-10-06T15:38+09:00",
"description": "The installers of DENSO TEN drive recorder viewer may insecurely load Dynamic Link Libraries.\r\n\r\n* Uncontrolled search path element (CWE-427) - CVE-2025-57781\r\n\r\nThis vulnerability is exploited by directing a user to download and place a crafted DLL file with the affected installer, and to execute the installer.\r\n\r\nTakeru Naito of MOTEX Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000082.html",
"sec:cpe": {
"#text": "cpe:/o:misc:densoten_multiple_product",
"@product": "(Multiple Products)",
"@vendor": "DENSO TEN Limited",
"@version": "2.2"
},
"sec:cvss": {
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2025-000082",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN95806263/index.html",
"@id": "JVN#95806263",
"@source": "JVN"
},
{
"#text": "https://jvn.jp/en/jp/JVN72748502/index.html",
"@id": "JVN#72748502",
"@source": "JVN"
},
{
"#text": "https://jvn.jp/en/ta/JVNTA91240916/",
"@id": "JVNTA#91240916",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2025-57781",
"@id": "CVE-2025-57781",
"@source": "CVE"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "The installers of DENSO TEN drive recorder viewer may insecurely load Dynamic Link Libraries"
}