{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25676", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "state": "PUBLISHED", "assignerShortName": "jpcert", "dateReserved": "2026-02-05T00:21:20.346Z", "datePublished": "2026-02-12T04:26:04.933Z", "dateUpdated": "2026-02-12T15:07:19.491Z"}, "containers": {"cna": {"affected": [{"vendor": "M-Audio", "product": "M-Track Duo HD", "versions": [{"version": "1.0.0", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "The installer of M-Track Duo HD version 1.0.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrator privileges."}], "problemTypes": [{"descriptions": [{"description": "Uncontrolled Search Path Element", "lang": "en-US", "cweId": "CWE-427", "type": "CWE"}]}], "references": [{"url": "https://www.m-audio.com/audio-midi-interfaces/m-track-duo-hd.html"}, {"url": "https://jvn.jp/en/jp/JVN88690363/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_0": {"version": "3.0", "baseSeverity": "HIGH", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}}, {"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV4_0": {"version": "4.0", "baseSeverity": "HIGH", "baseScore": 7.1, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2026-02-12T04:26:04.933Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-12T15:07:05.662749Z", "id": "CVE-2026-25676", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-12T15:07:19.491Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-25676", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-12T15:07:05.662749Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-12T15:07:11.040Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"version": "4.0", "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "M-Audio", "product": "M-Track Duo HD", "versions": [{"status": "affected", "version": "1.0.0"}]}], "references": [{"url": "https://www.m-audio.com/audio-midi-interfaces/m-track-duo-hd.html"}, {"url": "https://jvn.jp/en/jp/JVN88690363/"}], "descriptions": [{"lang": "en", "value": "The installer of M-Track Duo HD version 1.0.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrator privileges."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-427", "description": "Uncontrolled Search Path Element"}]}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2026-02-12T04:26:04.933Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25676", "state": "PUBLISHED", "dateUpdated": "2026-02-12T15:07:19.491Z", "dateReserved": "2026-02-05T00:21:20.346Z", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "datePublished": "2026-02-12T04:26:04.933Z", "assignerShortName": "jpcert"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The installer of M-Track Duo HD version 1.0.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrator privileges."}, {"lang": "es", "value": "El instalador de M-Track Duo HD versi\u00f3n 1.0.0 contiene un problema con la ruta de b\u00fasqueda de DLL, lo que puede llevar a la carga insegura de Bibliotecas de Enlace Din\u00e1mico. Como resultado, se puede ejecutar c\u00f3digo arbitrario con privilegios de administrador."}], "id": "CVE-2026-25676", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "vultures@jpcert.or.jp", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "vultures@jpcert.or.jp", "type": "Secondary"}]}, "published": "2026-02-12T05:17:04.020", "references": [{"source": "vultures@jpcert.or.jp", "url": "https://jvn.jp/en/jp/JVN88690363/"}, {"source": "vultures@jpcert.or.jp", "url": "https://www.m-audio.com/audio-midi-interfaces/m-track-duo-hd.html"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-427"}], "source": "vultures@jpcert.or.jp", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.0.0"}}], "product": "m-track_duo_hd", "vendor": "m-audio"}], "analysis": {"en": {"generated_at": "2026-04-17T20:07:12.643111+00:00", "value": {"mitigation_remediation": ["Obtain and install the latest firmware or installer from M\u2011Audio that removes the insecure DLL search path handling.", "Before running the installer, verify that the working directory contains no unknown DLLs and that the system PATH environment variable does not include untrusted paths.", "If a vendor update is not yet available, run the installer from a dedicated, isolated directory and consider using application whitelisting or disabling DLL search path manipulation via Group Policy to prevent untrusted libraries from being loaded."], "summary": {"action": "Immediate Patch", "impact": "Privilege Escalation via Arbitrary Code Execution with Administrator Privileges"}, "threat_synthesis": {"affected_systems": "Only the M\u2011Audio M\u2011Track Duo HD handheld device is affected, specifically the installer packaged in version 1.0.0. No other product variations or firmware versions are listed as impacted.", "description_and_impact": "The installer for M\u2011Audio M\u2011Track Duo HD version 1.0.0 contains an insecure DLL search path that allows an attacker to supply a malicious DLL that will be loaded during installation. If the installer runs with elevated privileges, this flaw permits execution of arbitrary code with full administrative rights. The vulnerability is classified as CWE-427, indicating path manipulation that leads to the uninhibited loading of untrusted libraries.", "risk_and_exploitability": "The CVSS base score is 7.1, indicating moderate to high severity. The EPSS probability is less than 1 percent, implying that exploitation is currently uncommon or unlikely. The vulnerability is not yet listed in the CISA KEV catalog. The likely attack vector is local; an attacker must be able to place a crafted DLL in the installer\u2019s search path or otherwise persuade the installer to load an untrusted library. Because the installer elevates to administrative privileges, successful exploitation results in full control of the host machine."}}}}, "created": "2026-02-12T09:02:00.839074+00:00", "title": "Insecure DLL Search Path in M\u2011Track Duo HD Installer Allows Privilege Escalation via Arbitrary Code Execution", "updated": "2026-04-17T20:15:26.998212+00:00", "vendors": ["m-audio", "m-audio$PRODUCT$m-track_duo_hd"]}