Search
Find a vulnerability
Search criteria
2 vulnerabilities found for RevoWorks SCVX by J’s Communication Co., Ltd.
CVE-2025-26698 (GCVE-0-2025-26698)
Vulnerability from nvd – Published: 2025-02-26 08:42 – Updated: 2025-02-26 15:32
VLAI
Summary
Incorrect resource transfer between spheres issue exists in RevoWorks SCVX and RevoWorks Browser. If exploited, malicious files may be downloaded to the system where using the product.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-669 - Incorrect resource transfer between spheres
Assigner
References
2 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| J’s Communication Co., Ltd. | RevoWorks SCVX |
Affected:
4.0.234 and earlier 4 series versions
Affected: 5.0.7 and earlier 5 series versions |
|
| J’s Communication Co., Ltd. | RevoWorks Browser |
Affected:
2.2.100 and earlier 2 series versions
Affected: 3.0.1 and earlier 3 series versions |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-26698",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T14:46:43.527797Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T15:32:14.346Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RevoWorks SCVX",
"vendor": "J\u2019s Communication Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "4.0.234 and earlier 4 series versions"
},
{
"status": "affected",
"version": "5.0.7 and earlier 5 series versions"
}
]
},
{
"product": "RevoWorks Browser",
"vendor": "J\u2019s Communication Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "2.2.100 and earlier 2 series versions"
},
{
"status": "affected",
"version": "3.0.1 and earlier 3 series versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incorrect resource transfer between spheres issue exists in RevoWorks SCVX and RevoWorks Browser. If exploited, malicious files may be downloaded to the system where using the product."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-669",
"description": "Incorrect resource transfer between spheres",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T08:42:53.924Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://jscom.jp/news-20250217/"
},
{
"url": "https://jvn.jp/en/jp/JVN91300609/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-26698",
"datePublished": "2025-02-26T08:42:53.924Z",
"dateReserved": "2025-02-14T04:32:33.696Z",
"dateUpdated": "2025-02-26T15:32:14.346Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-26698 (GCVE-0-2025-26698)
Vulnerability from cvelistv5 – Published: 2025-02-26 08:42 – Updated: 2025-02-26 15:32
VLAI
Summary
Incorrect resource transfer between spheres issue exists in RevoWorks SCVX and RevoWorks Browser. If exploited, malicious files may be downloaded to the system where using the product.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-669 - Incorrect resource transfer between spheres
Assigner
References
2 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| J’s Communication Co., Ltd. | RevoWorks SCVX |
Affected:
4.0.234 and earlier 4 series versions
Affected: 5.0.7 and earlier 5 series versions |
|
| J’s Communication Co., Ltd. | RevoWorks Browser |
Affected:
2.2.100 and earlier 2 series versions
Affected: 3.0.1 and earlier 3 series versions |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-26698",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T14:46:43.527797Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T15:32:14.346Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "RevoWorks SCVX",
"vendor": "J\u2019s Communication Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "4.0.234 and earlier 4 series versions"
},
{
"status": "affected",
"version": "5.0.7 and earlier 5 series versions"
}
]
},
{
"product": "RevoWorks Browser",
"vendor": "J\u2019s Communication Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "2.2.100 and earlier 2 series versions"
},
{
"status": "affected",
"version": "3.0.1 and earlier 3 series versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incorrect resource transfer between spheres issue exists in RevoWorks SCVX and RevoWorks Browser. If exploited, malicious files may be downloaded to the system where using the product."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 2.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-669",
"description": "Incorrect resource transfer between spheres",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T08:42:53.924Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://jscom.jp/news-20250217/"
},
{
"url": "https://jvn.jp/en/jp/JVN91300609/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2025-26698",
"datePublished": "2025-02-26T08:42:53.924Z",
"dateReserved": "2025-02-14T04:32:33.696Z",
"dateUpdated": "2025-02-26T15:32:14.346Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}