Security Bulletins

Response to Vulnerability Caused by Unquoted Windows Service Executable File Paths

09/02/2026

Response to Vulnerability Caused by Unquoted Windows Service Executable File Paths

February 9, 2026

Oki Electric Industry Co., Ltd.

Thank you for using our products.

Executive Summary

A vulnerability (CVE-2026-24466) has been identified in the utilities specified below, where the executable file paths for Windows services are not enclosed in quotation marks.

Vulnerability Severity

CVSS Version: v3.0 Base

Score: Medium Vector

String: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/BS:6.7)

Affected Utilities

The affected utilities and versions are listed below.

Utility (All Windows Versions)	Affected Versions
Configuration Tool	2.0.1 or earlier 1.8.1 or earlier(for Pro3 series)
smart Print Super Vision	2.0.2 or earlier
Print Job Accounting	4.4.13 or earlier
Print Job Accounting Lite	4.4.13.2 or earlier
Web Driver Installer	1.5.11 or earlier
Storage Device Manager	3.0.0.1 ~ 3.2.0.0
PDF Print Direct	4.0.0 ~ 4.5.2
Profile Assistant	2.1.0 ~ 2.2.1

Vulnerability Details

There is a risk that unauthorized files may be executed because Windows service executable file paths are not enclosed in quotation marks.

Countermeasures

This vulnerability can be addressed by updating the affected utilities to the fixed versions or by applying the provided patches.

Updating to Fixed Versions:

Please download the fixed versions of the relevant utilities from our website and update accordingly.

Utility (All Windows Versions)	Fixed Version
Configuration Tool	2.0.2 1.8.2 (for Pro3 series)
smart Print Super Vision	2.0.3

Applying Patches:

Please download and apply the appropriate patches for the affected utilities from our website.

Please note that updated versions of these utilities will also be released on our website at a later date.

Utility (All Windows Versions)	Patch
Print Job Accounting	Patch for Print Job Accounting
Print Job Accounting Lite	Patch for Print Job Accounting
Web Driver Installer	Patch for Web Driver Installer
Storage Device Manager	Patch for Storage Device Manager
PDF Print Direct	Patch for PDF Print Direct
Profile Assistant	Patch for Profile Assistant

SW	Version	OEL Drivers & Utilities \| Support \| OKI Europe Ltd
smart PrintSuperVision	2.0.3(1)	Link
Configuration Tool	2.0.2(1)	Link
Patch for Print Job Accounting	1.0.0	Link
Patch for Web Driver Installer	1.0.0	Link
Patch for Storage Device Manager	1.0.0	Link
Patch for PDF Print Direct		Link
Patch for Profile Assistant		Link

2026

PRINTERS & MFPs

CONSUMABLES

TECHNOLOGIES

MORE

BY APPLICATION

BY INDUSTRY

MORE

CONSUMABLES

DOWNLOADS

MORE

Corporate Information

Our Brand

News Room

SELECT A COUNTRY

Go to a each country's top page

Europe

Americas

Middle-East/Africa

Asia/Oceania

About Cookies on this site:

Response to Vulnerability Caused by Unquoted Windows Service Executable File Paths

Response to Vulnerability Caused by Unquoted Windows Service Executable File Paths

Executive Summary

Vulnerability Severity

Affected Utilities

Vulnerability Details

Countermeasures

Updating to Fixed Versions:

Applying Patches: