DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a attacker to manipulate the PC environment to cause unintended operations on the user's device.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction Active

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

No data.

No data.

No data.

References
Link Providers
https://jpn.nec.com/security-info/secinfo/nv25-007_en.html cve-icon cve-icon
History

Wed, 19 Nov 2025 01:30:00 +0000

Type Values Removed Values Added
Description DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a attacker to manipulate the PC environment to cause unintended operations on the user's device.
Weaknesses CWE-427
References
Metrics cvssV4_0

{'score': 8.4, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}
cve-icon MITRE

Status: PUBLISHED

Assigner: NEC

Published: 2025-11-19T01:01:46.374Z

Updated: 2025-11-19T01:01:46.374Z

Reserved: 2025-11-07T04:30:21.085Z

Link: CVE-2025-12852

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2025-11-19T02:15:43.443

Modified: 2025-11-19T02:15:43.443

Link: CVE-2025-12852

cve-icon Redhat

No data.