CVE-2025-57846

Description

Multiple i-フィルター products contain an issue with incorrect default permissions. If this vulnerability is exploited, a local authenticated attacker may replace a service executable on the system where the product is running, potentially allowing arbitrary code execution with SYSTEM privileges.

Category

8.5
CVSS
Severity: High
CVSS 4.0 •
CVSS 3.0 •
EPSS 0.01%
Affected: Digital Arts Inc. i-フィルター 6.0
Affected: Digital Arts Inc. i-フィルター for マルチデバイス
Affected: Digital Arts Inc. i-フィルター for ZAQ
Affected: Digital Arts Inc. i-フィルター for ネットカフェ
Affected: Digital Arts Inc. i-FILTER ブラウザー&クラウド MultiAgent for Windows
Affected: Fujitsu Limited FENCE-Mobile RemoteManager i-FILTER Browser Service
Affected: OPTiM Corporation Optimal Biz Web Filtering Powered by i-FILTER (Windows version)
Published at:
Updated at:

References

Link Tags
https://www.daj.jp/shared/php/downloadset/c/parts.php?page=dl&filename=information_20250827_01.pdf
https://www.daj.jp/shared/php/downloadset/c/parts.php?page=dl&filename=information_20250827_02.pdf
https://jvn.jp/en/jp/JVN55678602/

Frequently Asked Questions

What is the severity of CVE-2025-57846?
CVE-2025-57846 has been scored as a high severity vulnerability.
How to fix CVE-2025-57846?
To fix CVE-2025-57846, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-57846 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-57846 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-57846?
CVE-2025-57846 affects Digital Arts Inc. i-フィルター 6.0, Digital Arts Inc. i-フィルター for マルチデバイス, Digital Arts Inc. i-フィルター for ZAQ, Digital Arts Inc. i-フィルター for ネットカフェ, Digital Arts Inc. i-FILTER ブラウザー&クラウド MultiAgent for Windows, Fujitsu Limited FENCE-Mobile RemoteManager i-FILTER Browser Service, OPTiM Corporation Optimal Biz Web Filtering Powered by i-FILTER (Windows version).
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.