CVE-2025-26698

Summary

Incorrect resource transfer between spheres issue exists in RevoWorks SCVX and RevoWorks Browser. If exploited, malicious files may be downloaded to the system where using the product.

Affected Software

VendorProductVersion RangeStatus
J’s Communication Co., Ltd.RevoWorks SCVX4.0.234 and earlier 4 series versionsaffected
J’s Communication Co., Ltd.RevoWorks SCVX5.0.7 and earlier 5 series versionsaffected
J’s Communication Co., Ltd.RevoWorks Browser2.2.100 and earlier 2 series versionsaffected
J’s Communication Co., Ltd.RevoWorks Browser3.0.1 and earlier 3 series versionsaffected

Weaknesses

  • CWE-669: Incorrect resource transfer between spheres

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References