This security bulletin contains one high risk vulnerability.
Exploit availability: NoDescription
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to the improper data processing when applying the software update. A remote attacker can perform an attack, such as a man-in-the-middle (MITM), subdomain takeover, and etc. to execute arbitrary code on the target system.Mitigation
Install updates from vendor's website.Vulnerable software versions
Cybozu Desktop for Windows: 2.0.23 - 2.2.40
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?