Protection Mechanism Failure in RevoWorks SCVX and RevoWorks Browser - CVE-2024-25091

 

Protection Mechanism Failure in RevoWorks SCVX and RevoWorks Browser - CVE-2024-25091

Published: February 29, 2024


Vulnerability identifier: #VU86921
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-25091
CWE-ID: CWE-693
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: J’s Communication Co
Affected software:
RevoWorks SCVX
RevoWorks Browser

Detailed vulnerability description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient implementation of security measures. An attacker can bypass implemented security restrictions and elevate privileges on the system.


How to mitigate CVE-2024-25091

Install updates from vendor's website.

Sources