Vulnerability Description
Untrusted search path vulnerability in CELSYS, Inc CLIP STUDIO series (CLIP STUDIO PAINT (for Windows) EX/PRO/DEBUT Ver.1.7.3 and earlier, CLIP STUDIO ACTION (for Windows) Ver.1.5.5 and earlier, with its timestamp prior to April 25, 2018, 12:11:31, and CLIP STUDIO MODELER (for Windows) Ver.1.6.3 and earlier, with its timestamp prior to April 25, 2018, 17:02:49) allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Celsys | Clip Studio Action | <= 1.5.5 |
| Celsys | Clip Studio Modeler | <= 1.6.3 |
| Celsys | Clip Studio Paint | <= 1.7.3 |
Related Weaknesses (CWE)
References
- http://www.clipstudio.net/en/dlVendor Advisory
- https://jvn.jp/en/jp/JVN68345747/Third Party AdvisoryVDB Entry
- https://www.clip-studio.com/clip_site/download/clipstudioaction/csaupdater/indexVendor Advisory
- http://www.clipstudio.net/en/dlVendor Advisory
- https://jvn.jp/en/jp/JVN68345747/Third Party AdvisoryVDB Entry
- https://www.clip-studio.com/clip_site/download/clipstudioaction/csaupdater/indexVendor Advisory
FAQ
What is CVE-2018-0580?
CVE-2018-0580 is a vulnerability with a CVSS score of 7.8 (HIGH). Untrusted search path vulnerability in CELSYS, Inc CLIP STUDIO series (CLIP STUDIO PAINT (for Windows) EX/PRO/DEBUT Ver.1.7.3 and earlier, CLIP STUDIO ACTION (for Windows) Ver.1.5.5 and earlier, with ...
How severe is CVE-2018-0580?
CVE-2018-0580 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-0580?
Check the references section above for vendor advisories and patch information. Affected products include: Celsys Clip Studio Action, Celsys Clip Studio Modeler, Celsys Clip Studio Paint.