CVE-2026-27776 | THREATINT

Description

IM-LogicDesigner module of intra-mart Accel Platform contains insecure deserialization issue. This can be exploited only when IM-LogicDesigner is deployed on the system. Arbitrary code may be executed when some crafted file is imported by a user with the administrative privilege.

PUBLISHED Reserved 2026-02-24 | Published 2026-02-27 | Updated 2026-02-27 | Assigner jpcert

HIGH: 7.2CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

HIGH: 8.6CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

Deserialization of untrusted data

Product status

2017 Spring (8.0.4) through 2025 Autumn (8.0.27)

affected

References

global.intra-mart.support/hc/en-us/articles/55266898383641

jvn.jp/en/jp/JVN80500630/

cve.org (CVE-2026-27776)

nvd.nist.gov (CVE-2026-27776)

Download JSON