The cross-browser document creation component produced by Digitware System Integration Corporation has a Remote Code Execution vulnerability. If a user visits a malicious website while the component is active, remote attackers can cause the system to download and execute arbitrary programs.
Fixes

Solution

Contact the vendor to obtain the update


Workaround

No workaround given by the vendor.

History

Mon, 14 Jul 2025 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 14 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00057}


Mon, 14 Jul 2025 07:30:00 +0000

Type Values Removed Values Added
Description The cross-browser document creation component developed by Digitware System Integration Corporation has a Remote Code Execution vulnerability. If a user visits a malicious website while the component is active, remote attackers can cause the system to download and execute arbitrary programs. The cross-browser document creation component produced by Digitware System Integration Corporation has a Remote Code Execution vulnerability. If a user visits a malicious website while the component is active, remote attackers can cause the system to download and execute arbitrary programs.

Mon, 14 Jul 2025 03:30:00 +0000

Type Values Removed Values Added
Description The cross-browser document creation component developed by Digitware System Integration Corporation has a Remote Code Execution vulnerability. If a user visits a malicious website while the component is active, remote attackers can cause the system to download and execute arbitrary programs.
Title DSIC|Cross-browser Components for Official Document Creation - Remote Code Execution
Weaknesses CWE-494
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: twcert

Published:

Updated: 2025-07-14T17:12:34.965Z

Reserved: 2025-07-14T02:45:29.694Z

Link: CVE-2025-7620

cve-icon Vulnrichment

Updated: 2025-07-14T17:12:30.046Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-07-14T04:15:47.873

Modified: 2025-07-15T13:14:24.053

Link: CVE-2025-7620

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-07-14T23:06:22Z