PatchSiren cyber security CVE debrief
CVE-2026-50255 Sony Corporation CVE debrief
An incorrect default permissions issue exists in Optical Disc Archive Software for Windows 5.5.3 and earlier. If this vulnerability is exploited, arbitrary code may be executed with SYSTEM privileges.
- Vendor
- Sony Corporation
- Product
- Optical Disc Archive Software for Windows
- CVSS
- MEDIUM 5.4
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-16
- Original CVE updated
- 2026-06-16
- Advisory published
- 2026-06-16
- Advisory updated
- 2026-06-16
Who should care
Users of Optical Disc Archive Software for Windows 5.5.3 and earlier should apply patches or updates to mitigate this vulnerability.
Technical summary
The vulnerability has a CVSS score of 5.4 and is classified as MEDIUM severity. It is related to CWE-276, which involves incorrect default permissions.
Defensive priority
MEDIUM
Recommended defensive actions
- Apply patches or updates provided by the vendor to fix the incorrect default permissions issue.
- Review and adjust permissions for Optical Disc Archive Software to prevent exploitation.
Evidence notes
The CVE record was published on 2026-06-16T06:16:58.180Z and has not been modified since then. The vulnerability was reported by [email protected].
Official resources
CVE-2026-50255 was published on 2026-06-16T06:16:58.180Z.