CVE-2026-24016
Insecure DLL Loading in ServerView Agent Installer Enables Privileged Code Execution
Publication date: 2026-01-21
Last updated on: 2026-02-24
Assigner: JPCERT/CC
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| fsas_technologies_inc | serverview_agents_for_windows | to 11.50.06 (exc) |
| fsas_technologies_inc | serverview_agents_for_windows | From 11.60.04 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-427 | The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the installer of ServerView Agents for Windows (version 11.50.06 and earlier) by Fsas Technologies Inc. The installer insecurely loads Dynamic Link Libraries (DLLs) due to a DLL search path issue, which can allow an attacker to execute arbitrary code with administrator privileges when the installer is run. [1, 2]
How can this vulnerability impact me? :
If exploited, this vulnerability allows an attacker to execute arbitrary code with administrator privileges on the affected system. This can lead to full system compromise, unauthorized access, data theft, or disruption of services. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately update the ServerView Agents for Windows installer to version V11.60.04 or later, which addresses the DLL search path issue. Download the updated installer from the PRIMERGY product support page provided by Fsas Technologies Inc. Avoid running the vulnerable installer versions (V11.50.06 and earlier) to prevent arbitrary code execution with administrator privileges. [1, 2]