Refine your search
1 vulnerability found for Universal Printer Driver for BR-Script (PostScript language emulation) by Brother Industries
jvndb-2026-001732
Vulnerability from jvndb
Published
2026-01-26 16:04
Modified
2026-01-26 16:04
Severity ?
Summary
Multiple Brother software installers may insecurely load Dynamic Link Libraries
Details
Multiple software installers provided by Brother Industries, Ltd. may insecurely load some dynamic link libraries.<ul><li>Uncontrolled search path element (CWE-427) - CVE-2016-2542, CVE-2021-41526</li></ul>Kazuma Matsumoto of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to Brother Industries, Ltd. and coordinated.
After the coordination was completed, Brother Industries, Ltd. reported the case to JPCERT/CC to notify users of the solution through JVN.
References
| Type | URL | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-001732.html",
"dc:date": "2026-01-26T16:04+09:00",
"dcterms:issued": "2026-01-26T16:04+09:00",
"dcterms:modified": "2026-01-26T16:04+09:00",
"description": "Multiple software installers provided by Brother Industries, Ltd. may insecurely load some dynamic link libraries.\u003cul\u003e\u003cli\u003eUncontrolled search path element (CWE-427) - CVE-2016-2542, CVE-2021-41526\u003c/li\u003e\u003c/ul\u003eKazuma Matsumoto of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to Brother Industries, Ltd. and coordinated.\r\nAfter the coordination was completed, Brother Industries, Ltd. reported the case to JPCERT/CC to notify users of the solution through JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-001732.html",
"sec:cpe": [
{
"#text": "cpe:/a:brother:software_update_notification_updater",
"@product": "Software Update Notification Updater",
"@vendor": "Brother Industries",
"@version": "2.2"
},
{
"#text": "cpe:/a:brother:status_monitor_update_tool",
"@product": "Status Monitor Update Tool",
"@vendor": "Brother Industries",
"@version": "2.2"
},
{
"#text": "cpe:/o:brother:universal_printer_driver",
"@product": "Universal Printer Driver",
"@vendor": "Brother Industries",
"@version": "2.2"
},
{
"#text": "cpe:/o:brother:universal_printer_driver_for_br-script",
"@product": "Universal Printer Driver for BR-Script (PostScript language emulation)",
"@vendor": "Brother Industries",
"@version": "2.2"
},
{
"#text": "cpe:/o:brother:universal_printer_driver_for_pcl",
"@product": "Universal Printer Driver for PCL",
"@vendor": "Brother Industries",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2026-001732",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU93474119/index.html",
"@id": "JVNVU#93474119",
"@source": "JVN"
},
{
"#text": "https://jvn.jp/en/ta/JVNTA91240916/",
"@id": "JVNTA#91240916",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2016-2542",
"@id": "CVE-2016-2542",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2021-41526",
"@id": "CVE-2021-41526",
"@source": "CVE"
},
{
"#text": "https://cwe.mitre.org/data/definitions/427.html",
"@id": "CWE-427",
"@title": "Uncontrolled Search Path Element(CWE-427)"
}
],
"title": "Multiple Brother software installers may insecurely load Dynamic Link Libraries"
}