Protection Mechanism Failure in RevoWorks SCVX and RevoWorks Browser - CVE-2024-25091
Published: February 29, 2024
Vulnerability identifier: #VU86921
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-25091
CWE-ID: CWE-693
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: J’s Communication Co
Affected software:
RevoWorks SCVX
RevoWorks Browser
RevoWorks SCVX
RevoWorks Browser
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to insufficient implementation of security measures. An attacker can bypass implemented security restrictions and elevate privileges on the system.
How to mitigate CVE-2024-25091
Install updates from vendor's website.