CVE-2024-47560

Summary

RevoWorks Cloud Client 3.0.91 and earlier contains an incorrect authorization vulnerability. If this vulnerability is exploited, unintended processes may be executed in the sandbox environment. Even if malware is executed in the sandbox environment, it does not compromise the client's local environment. However, information in the sandbox environment may be disclosed to outside or behaviors of the sandbox environment may be violated by tampering registry.

Affected Software

VendorProductVersion RangeStatus
J’s Communication Co., Ltd.RevoWorks Cloud Client3.0.91 and earlieraffected

Weaknesses

  • CWE-863: Incorrect authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References