Incorrect default permissions issue exists in Pupsman versions prior to 3.9.0. An attacker can place a malicious executable in the installation folder, which results in arbitrary code execution with SYSTEM privilegeReferenceshttps://www.fujielectric.co.jp/products/power_supply/ups/product_detail/software_pupsman.htmlhttps://jvn.jp/en/jp/JVN62347140/