DLL Execution Vulnerability in Omron UPS Management Application
CVE-2026-5397

7.8HIGH

Key Information:

Vendor: Omron Social Solutions Co., Ltd.
Status: Powerattendant Standard Edition
Vendor: CVE Published:; 15 April 2026

🔔 Create Omron Social Solutions Co., Ltd. Vulnerability Alert

What is CVE-2026-5397?

A security flaw in Omron's UPS Management Application allows attackers to exploit improper permissions on the application’s installation directory. This vulnerability enables malicious actors to place a dynamically linked library (DLL) file within the directory, which can be executed with elevated administrator privileges. The application’s behavior of loading DLLs from the same directory during service startup makes it susceptible to such attacks, posing a significant risk to system integrity. Organizations utilizing this UPS management software should take immediate steps to assess their environments and mitigate potential threats.

Affected Version(s)

PowerAttendant Standard Edition Windows 2.1.2 or lower

References

https://www.omron.com/jp/ja/inquiry/data/OMSR-2026-001_ja...

https://www.omron.com/global/en/inquiry/data/OMSR-2026-00...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 15, 2026
Vulnerability Reserved
Apr 2, 2026

CVE-2026-5397 Data

JSON