Response to Vulnerability Caused by Unquoted Windows Service Executable File Paths
February 9, 2026
Oki Electric Industry Co., Ltd.
Thank you for using our products.
ประกาศด้านความปลอดภัย (Security Bulletins)
Response to Vulnerability Caused by Unquoted Windows Service Executable File Paths
09/02/2026
Executive Summary:
A vulnerability (CVE-2026-24466) has been identified in the utilities specified below, where the executable file paths for Windows services are not enclosed in quotation marks.
Vulnerability Severity:
• CVSS Version:v3.0
• Base Score: Medium
• Vector String: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/BS:6.7)
Affected Utilities:
The affected utilities and versions are listed below.
Utility (All Windows Versions) | Affected Versions |
Configuration Tool | 2.0.1 or earlier 1.8.1 or earlier (for Pro3 series) |
smart Print Super Vision | 2.0.2 or earlier |
Print Job Accounting | 4.4.13 or earlier |
Print Job Accounting Lite | 4.4.13.2 or earlier |
Web Driver Installer | 1.5.11 or earlier |
Storage Device Manager | 3.0.0.1 ~ 3.2.0.0 |
PDF Print Direct | 4.0.0~ 4.5.2 |
Profile Assistant | 2.1.0~ 2.2.1 |
Vulnerability Details:
There is a risk that unauthorized files may be executed because Windows service executable file paths are not enclosed in quotation marks.
Countermeasures:
This vulnerability can be addressed by updating the affected utilities to the fixed versions or by applying the provided patches.
Updating to Fixed Versions:
Please download the fixed versions of the relevant utilities from our website and update accordingly.
Utility (All Windows Versions) | Fixed Version |
Configuration Tool | 2.0.2 1.8.2 (for Pro3 series) |
smart Print Super Vision | 2.0.2 |
Applying Patches:
Please download and apply the appropriate patches for the affected utilities from our website.
Please note that updated versions of these utilities will also be released on our website at a later date.
Utility (All Windows Versions) | Patch |
Print Job Accounting | Patch for Print Job Accounting |
Print Job Accounting Lite | Patch for Print Job Accounting |
Web Driver Installer | Patch for Web Driver Installer |
Storage Device Manager | Patch for Storage Device Manager |
PDF Print Direct | Patch for PDF Print Direct |
Profile Assistant | Patch for Profile Assistant |
©1995-2020 Oki Systems (Thailand) Ltd.