Home

Description

The installer for Roland Cloud Manager ver.3.1.19 and prior insecurely loads Dynamic Link Libraries (DLLs), which could allow an attacker to execute arbitrary code with the privileges of the application.

PUBLISHED Reserved 2026-01-27 | Published 2026-02-03 | Updated 2026-02-03 | Assigner jpcert




HIGH: 7.8CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

HIGH: 8.4CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

Uncontrolled Search Path Element

Product status

ver.3.1.19 and prior
affected

References

www.roland.com/.../products/rc_roland_cloud_manager/support/

jvn.jp/en/jp/JVN89992160/

cve.org (CVE-2026-24694)

nvd.nist.gov (CVE-2026-24694)

Download JSON