{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-39454", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "state": "PUBLISHED", "assignerShortName": "jpcert", "dateReserved": "2026-04-08T11:15:40.304Z", "datePublished": "2026-04-20T08:04:56.595Z", "dateUpdated": "2026-04-20T13:28:56.536Z"}, "containers": {"cna": {"affected": [{"vendor": "Sky Co.,LTD.", "product": "SKYSEA Client View", "versions": [{"version": "Ver.21.200.07j and earlier", "status": "affected"}]}, {"vendor": "Sky Co.,LTD.", "product": "SKYMEC IT Manager", "versions": [{"version": "Ver.2024.005.10a and earlier", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. configure the installation folder with improper file access permission settings. A non-administrative user may manipulate and/or place arbitrary files within the installation folder of the product. As a result, arbitrary code may be executed with the administrative privilege."}], "problemTypes": [{"descriptions": [{"description": "Incorrect default permissions", "lang": "en-US", "cweId": "CWE-276", "type": "CWE"}]}], "references": [{"url": "https://www.skyseaclientview.net/news/260420_01/"}, {"url": "https://jvn.jp/en/jp/JVN63376363/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_0": {"version": "3.0", "baseSeverity": "HIGH", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}, {"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV4_0": {"version": "4.0", "baseSeverity": "HIGH", "baseScore": 8.5, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2026-04-20T08:04:56.595Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-20T13:28:48.426227Z", "id": "CVE-2026-39454", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-20T13:28:56.536Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-39454", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-20T13:28:48.426227Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-20T13:28:52.399Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"version": "4.0", "baseScore": 8.5, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Sky Co.,LTD.", "product": "SKYSEA Client View", "versions": [{"status": "affected", "version": "Ver.21.200.07j and earlier"}]}, {"vendor": "Sky Co.,LTD.", "product": "SKYMEC IT Manager", "versions": [{"status": "affected", "version": "Ver.2024.005.10a and earlier"}]}], "references": [{"url": "https://www.skyseaclientview.net/news/260420_01/"}, {"url": "https://jvn.jp/en/jp/JVN63376363/"}], "descriptions": [{"lang": "en", "value": "SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. configure the installation folder with improper file access permission settings. A non-administrative user may manipulate and/or place arbitrary files within the installation folder of the product. As a result, arbitrary code may be executed with the administrative privilege."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-276", "description": "Incorrect default permissions"}]}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2026-04-20T08:04:56.595Z"}}}, "cveMetadata": {"cveId": "CVE-2026-39454", "state": "PUBLISHED", "dateUpdated": "2026-04-20T13:28:56.536Z", "dateReserved": "2026-04-08T11:15:40.304Z", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "datePublished": "2026-04-20T08:04:56.595Z", "assignerShortName": "jpcert"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. configure the installation folder with improper file access permission settings. A non-administrative user may manipulate and/or place arbitrary files within the installation folder of the product. As a result, arbitrary code may be executed with the administrative privilege."}], "id": "CVE-2026-39454", "lastModified": "2026-04-20T19:05:30.750", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "vultures@jpcert.or.jp", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "vultures@jpcert.or.jp", "type": "Secondary"}]}, "published": "2026-04-20T09:16:08.933", "references": [{"source": "vultures@jpcert.or.jp", "url": "https://jvn.jp/en/jp/JVN63376363/"}, {"source": "vultures@jpcert.or.jp", "url": "https://www.skyseaclientview.net/news/260420_01/"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-276"}], "source": "vultures@jpcert.or.jp", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,2024.005.10a]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "SKYMEC IT Manager", "source": "cna", "vendor": "Sky Co.,LTD."}, "product": "skymec_it_manager", "vendor": "skygroup"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,21.200.07j]"}}], "enrichment": {"confidence": 88.0, "confidence_source": "matching", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 88.0, "source": "matching"}]}, "original": {"product": "SKYSEA Client View", "source": "cna", "vendor": "Sky Co.,LTD."}, "product": "skysea_client_view", "vendor": "skygroup"}], "analysis": {"en": {"generated_at": "2026-04-20T09:20:57.978065+00:00", "value": {"mitigation_remediation": ["Update SKYMEC IT Manager and SKYSEA Client View to the latest vendor releases once available", "Configure the installation directory to deny write access to all non\u2011administrative users and allow execution only for administrative accounts", "Disable any features or services that allow non\u2011admin users to place files in the installation directory; enforce the principle of least privilege and monitor the folder for unexpected changes"], "summary": {"action": "Apply Patch", "impact": "Privilege Escalation leading to Arbitrary Code Execution"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Sky Co.,LTD. SKYMEC IT Manager and SKYSEA Client View. Specific version information is not supplied in the CVE data, so all installed versions of these products should be considered potentially vulnerable until a vendor update is applied.", "description_and_impact": "Sky Co.,LTD. products SKYMEC IT Manager and SKYSEA Client View allow a non\u2011administrative user to create or modify files in their installation directory because the directory is written with overly permissive access settings. This misconfiguration permits the execution of arbitrary code with the privileges that the product runs under, effectively giving the attacker administrative access within the system. The flaw is a Permissions Issue (CWE\u2011276) and can compromise confidentiality, integrity and availability of affected systems.", "risk_and_exploitability": "The CVSS score of 8.5 marks this as a high\u2011severity issue. EPSS data is not available, and the vulnerability is not listed in the CISA KEV catalog, indicating no confirmed widespread exploitation yet. The likely attack path is local: a non\u2011admin user can place malicious files in the installation folder, though the affect may be amplified if an attacker can remotely inject files through exposed services or network shares. The lack of hard evidence for exploitation means the actual risk may be lower than the score alone suggests, but the potential for full administrative compromise warrants immediate action."}}}}, "created": "2026-04-20T09:30:03.368547+00:00", "updated": "2026-04-20T14:58:02.071179+00:00", "vendors": ["skygroup", "skygroup$PRODUCT$skymec_it_manager", "skygroup$PRODUCT$skysea_client_view"]}