CVE Details
Basic Information
| Title | DSIC|Cross-browser Components for Official Document Creation – Remote Code Execution |
|---|---|
| Type | cve |
| Published | 2025-07-14T03:16:00.409Z |
| Modified | 2025-07-14T03:16:00.409Z |
Product Information
| Vendor | DSIC |
|---|---|
| Product | Cross-browser Components for Official Document Creation |
| Version | 0 |
CVSS Information
| Base Score | 8.8 (HIGH) |
|---|---|
| Attack Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
AI Analysis
| AI Description | A remote code execution vulnerability in DSIC’s cross-browser document creation component allows attackers to execute arbitrary programs when a user visits a malicious website. |
|---|---|
| AI Severity | Critical |
| AI Vendor | Digitware System Integration Corporation |
| AI Product | Cross-browser Components for Official Document Creation |
| AI Version | Unspecified |
Affected Products
- DSIC Cross-browser Components for Official Document Creation 0
Additional Information
| CWE List | CWE-494 |
|---|---|
| Source | twcert |
Description
The cross-browser document creation component developed by Digitware System Integration Corporation has a Remote Code Execution vulnerability. If a user visits a malicious website while the component is active, remote attackers can cause the system to download and execute arbitrary programs.