CVE-2026-32679
Last modified
CVE-2026-32679 is a high-severity vulnerability rated 8.4/10 on the CVSS scale. The installers of LiveOn Meet Client for Windows (Downloader5Installer.exe and Downloader5InstallerForAdmin.exe) and the installers of Canon Network Camera Plugin (CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe) insecurely load Dynamic Link Libraries (DLLs). If a malicious DLL is placed at the same directory, the affected installer may load that DLL and execute its code with the privilege of the user invoking the installer.. EPSS estimates a 0.16% chance of exploitation in the next 30 days.
Description
The installers of LiveOn Meet Client for Windows (Downloader5Installer.exe and Downloader5InstallerForAdmin.exe) and the installers of Canon Network Camera Plugin (CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe) insecurely load Dynamic Link Libraries (DLLs). If a malicious DLL is placed at the same directory, the affected installer may load that DLL and execute its code with the privilege of the user invoking the installer.
Metrics
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Liveon | Canonnwcamplugin.Exe | 1.0.0.0 |
| Liveon | Canonnwcampluginforadmin.Exe | 1.0.0.0 |
| Liveon | Downloader5installer.Exe | 1.0.0.0 |
| Liveon | Downloader5installerforadmin.Exe | 1.0.0.0 |
References
- https://jvn.jp/en/jp/JVN45563482/Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2026-32679?
How severe is CVE-2026-32679?
How do I fix CVE-2026-32679?
Are you affected by CVE-2026-32679?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST