Primary

Context

RevoWorks Products Incorrect Resource Transfer Vulnerability Allowing Malicious File Downloads

Vulnerability

Patched

A vulnerability exists in RevoWorks SCVX and RevoWorks Browser that allows for incorrect resource transfer between isolated environments, potentially leading to the download of malicious files. This issue affects RevoWorks SCVX versions 4.0.234 and earlier, as well as 5.0.7 and earlier. In RevoWorks Browser, the vulnerability is present in versions 2.2.100 and earlier, and 3.0.1 and earlier.

Impact

Exploitation of this vulnerability could result in the unintended download of harmful files to the user's system.

Remediation

Users of RevoWorks SCVX should apply the latest patch and update to version 5.0.16_446. RevoWorks Browser users should update to version 2.2.101 or 3.0.2, depending on their current version.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

RevoWorks Products Incorrect Resource Transfer Vulnerability Allowing Malicious File Downloads

Vulnerability

Impact

Remediation

Affected Products

J's Communication RevoWorks SCVX

J's Communication RevoWorks Browser

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating