Vulnerability Details CVE-2026-39454
SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. configure the installation folder with improper file access permission settings. A non-administrative user may manipulate and/or place arbitrary files within the installation folder of the product. As a result, arbitrary code may be executed with the administrative privilege.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.2%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2026-39454
-
cpe:2.3:a:skygroup:skymec_it_manager:*
-
cpe:2.3:a:skygroup:skysea_client_view:1.020.05b
-
cpe:2.3:a:skygroup:skysea_client_view:11.220.05p
-
cpe:2.3:a:skygroup:skysea_client_view:11.221.03
-
cpe:2.3:a:skygroup:skysea_client_view:12.200.12n
-
cpe:2.3:a:skygroup:skysea_client_view:15.200.13i
-
cpe:2.3:a:skygroup:skysea_client_view:15.210.05f
-
cpe:2.3:a:skygroup:skysea_client_view:16.001.01g
-
cpe:2.3:a:skygroup:skysea_client_view:16.100.06f
-
cpe:2.3:a:skygroup:skysea_client_view:19.101.01a
-
cpe:2.3:a:skygroup:skysea_client_view:19.300.09h
-
cpe:2.3:a:skygroup:skysea_client_view:6.010.06