ByteOS Network

NVD Vulnerability Details :

CVE-2026-5397

Awaiting Analysis

Source-bba440f9-ef23-4224-aa62-7ac0935d18d1

Published At-15 Apr, 2026 | 05:16

Updated At-17 Apr, 2026 | 15:17

It has been identified that a vulnerability (CWE-427) exists in the UPS (Uninterruptible Power Supply) management application, whereby improper permissions on the installation directory allow a malicious actor to place a DLL that is then executed with administrator privileges. If a malicious DLL is placed in the installation directory of this product, there is a possibility that the malicious DLL may be executed by exploiting the product’s behavior of loading missing DLLs from the same directory as the executable during service startup.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Weaknesses

CWE ID	Type	Source
CWE-427	Secondary	bba440f9-ef23-4224-aa62-7ac0935d18d1

CWE ID: CWE-427

Type: Secondary

Source: bba440f9-ef23-4224-aa62-7ac0935d18d1

References

Hyperlink	Source	Resource
https://www.omron.com/global/en/inquiry/data/OMSR-2026-001_en.pdf	bba440f9-ef23-4224-aa62-7ac0935d18d1	N/A
https://www.omron.com/jp/ja/inquiry/data/OMSR-2026-001_ja.pdf	bba440f9-ef23-4224-aa62-7ac0935d18d1	N/A

Hyperlink: https://www.omron.com/global/en/inquiry/data/OMSR-2026-001_en.pdf

Source: bba440f9-ef23-4224-aa62-7ac0935d18d1

Resource: N/A

Hyperlink: https://www.omron.com/jp/ja/inquiry/data/OMSR-2026-001_ja.pdf

Source: bba440f9-ef23-4224-aa62-7ac0935d18d1

Resource: N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History