Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for RevoWorks SCVX by J’s Communication Co., Ltd.

    CVE-2025-26698 (GCVE-0-2025-26698)

    Vulnerability from nvd – Published: 2025-02-26 08:42 – Updated: 2025-02-26 15:32
    VLAI
    Summary
    Incorrect resource transfer between spheres issue exists in RevoWorks SCVX and RevoWorks Browser. If exploited, malicious files may be downloaded to the system where using the product.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-669 - Incorrect resource transfer between spheres
    Assigner
    Impacted products
    Vendor Product Version
    J’s Communication Co., Ltd. RevoWorks SCVX Affected: 4.0.234 and earlier 4 series versions
    Affected: 5.0.7 and earlier 5 series versions
    Create a notification for this product.
    J’s Communication Co., Ltd. RevoWorks Browser Affected: 2.2.100 and earlier 2 series versions
    Affected: 3.0.1 and earlier 3 series versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-26698",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T14:46:43.527797Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:32:14.346Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RevoWorks SCVX",
              "vendor": "J\u2019s Communication Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.0.234 and earlier 4 series versions"
                },
                {
                  "status": "affected",
                  "version": "5.0.7 and earlier 5 series versions"
                }
              ]
            },
            {
              "product": "RevoWorks Browser",
              "vendor": "J\u2019s Communication Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2.100 and earlier 2 series versions"
                },
                {
                  "status": "affected",
                  "version": "3.0.1 and earlier 3 series versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Incorrect resource transfer between spheres issue exists in RevoWorks SCVX and RevoWorks Browser. If exploited, malicious files may be downloaded to the system where using the product."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 2.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-669",
                  "description": "Incorrect resource transfer between spheres",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-26T08:42:53.924Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://jscom.jp/news-20250217/"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN91300609/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-26698",
        "datePublished": "2025-02-26T08:42:53.924Z",
        "dateReserved": "2025-02-14T04:32:33.696Z",
        "dateUpdated": "2025-02-26T15:32:14.346Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-26698 (GCVE-0-2025-26698)

    Vulnerability from cvelistv5 – Published: 2025-02-26 08:42 – Updated: 2025-02-26 15:32
    VLAI
    Summary
    Incorrect resource transfer between spheres issue exists in RevoWorks SCVX and RevoWorks Browser. If exploited, malicious files may be downloaded to the system where using the product.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-669 - Incorrect resource transfer between spheres
    Assigner
    Impacted products
    Vendor Product Version
    J’s Communication Co., Ltd. RevoWorks SCVX Affected: 4.0.234 and earlier 4 series versions
    Affected: 5.0.7 and earlier 5 series versions
    Create a notification for this product.
    J’s Communication Co., Ltd. RevoWorks Browser Affected: 2.2.100 and earlier 2 series versions
    Affected: 3.0.1 and earlier 3 series versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-26698",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T14:46:43.527797Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:32:14.346Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RevoWorks SCVX",
              "vendor": "J\u2019s Communication Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.0.234 and earlier 4 series versions"
                },
                {
                  "status": "affected",
                  "version": "5.0.7 and earlier 5 series versions"
                }
              ]
            },
            {
              "product": "RevoWorks Browser",
              "vendor": "J\u2019s Communication Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2.100 and earlier 2 series versions"
                },
                {
                  "status": "affected",
                  "version": "3.0.1 and earlier 3 series versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Incorrect resource transfer between spheres issue exists in RevoWorks SCVX and RevoWorks Browser. If exploited, malicious files may be downloaded to the system where using the product."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "baseScore": 2.7,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N",
                "version": "3.0"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en-US",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-669",
                  "description": "Incorrect resource transfer between spheres",
                  "lang": "en-US",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-26T08:42:53.924Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "url": "https://jscom.jp/news-20250217/"
            },
            {
              "url": "https://jvn.jp/en/jp/JVN91300609/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2025-26698",
        "datePublished": "2025-02-26T08:42:53.924Z",
        "dateReserved": "2025-02-14T04:32:33.696Z",
        "dateUpdated": "2025-02-26T15:32:14.346Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }