轉發 台灣電腦網路危機處理暨協調中心 TWCERTCC-200-202507-00000009
[內容說明]
【帝緯系統整合|公文製作跨瀏覽器元件 - Remote Code Execution】(CVE-2025-7620,CVSS:8.8) 帝緯系統整合製作之公文製作跨瀏覽器元件存在 Remote Code Execution漏洞,若使用者在該元件啟用的情況下瀏覽惡意網站,遠端攻擊者可使其下載任意程式並執行。
[影響平台]
公文製作跨瀏覽器元件v1.6.8(含)以前版本
[建議措施]
聯繫廠商進行更新
[參考資料]
https://www.twcert.org.tw/tw/cp-132-10241-2ec07-1.html
Forwarded by Taiwan Computer Network Crisis Management and Coordination Center TWCERTCC-200-202507-00000009
[Content Description]
[Digitware System Integration|Official Document Production Cross-Browser Component - Remote Code Execution] (CVE-2025-7620, CVSS: 8.8) The official document production cross-browser component produced by Digitware System Integration has a Remote Code Execution vulnerability. If the user browses a malicious website with the component enabled, a remote attacker can cause it to download and execute any program.
[Affected Platform]
Official Document Production Cross-Browser Component v1.6.8 (inclusive) and earlier versions
[Suggested Measures]
Contact the manufacturer for an update
[References]
https://www.twcert.org.tw/tw/cp-132-10241-2ec07-1.html