Dear Customers,
We would like to thank you for your continued support of FUJIFILM Business Innovation products.A vulnerability has been identified in beat‑access for Windows, a remote access software provided as part of the beat service, which may allow malicious code to be executed from the local environment.
At the time of posting this notice, no attacks exploiting this vulnerability have been confirmed. However, we strongly recommend that customers using beat‑access for Windows promptly update to the latest version (4.0.0 or later).
We apologize for any inconvenience this may cause and appreciate your understanding and cooperation.
The vulnerability exists in beat‑access for Windows provided to customers using the “beat Remote Access Service (Optional).”There is no impact if the software is installed in the default installation folder.
・CVE-2026-21408 (CVSSv4 base score 5.4) : Uncontrolled Search Path Element (CWE‑427)
Product: beat‑access for Windows
Affected versions: Version 3.0.3 and earlier
・How to Check Version
Start beat‑access for Windows and select
"ヘルプ(H)"→"バージョン情報(A)" from the menu bar. The software version is displayed beneath the software name (e.g., version 3.0.3).
Customers are strongly recommended to update to the latest version (4.0.0 or later).
・How to Get the Latest Version
From inside the beat‑box LAN:
Log in at http://beat-box.intranet:8080/beatman/ (IP address may be used instead of "beat‑box.intranet").
Navigate to "利用" > "PC 用ソフトウェアのダウンロード" > "ダウンロード" to download the latest software.
From the Internet:
We would like to express our gratitude to Mr. Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. for the finding of the vulnerability.
beat Contact Center
FAQ: