Remote Code Execution Vulnerability in Digitware's Document Creation Component
CVE-2025-7620

8.6HIGH

Key Information:

Vendor: Dsic
Status: Cross-browser Components For Official Document Creation
Vendor: CVE Published:; 14 July 2025

What is CVE-2025-7620?

The document creation component from Digitware System Integration Corporation has a vulnerability that allows remote code execution. When the component is active and a user visits a malicious website, attackers can exploit this flaw to download and execute arbitrary programs on the user's system. This poses a significant risk as it can lead to unauthorized access and potential data breaches.

Affected Version(s)

Cross-browser Components for Official Document Creation 0 <= 1.6.8

References

https://www.twcert.org.tw/tw/cp-132-10241-2ec07-1.html

third-party-advisory

https://www.twcert.org.tw/en/cp-139-10242-5ab42-2.html

third-party-advisory

CVSS V4

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 14, 2025
Vulnerability Reserved
Jul 14, 2025

Dsic

What is CVE-2025-7620?

Affected Version(s)

References

CVSS V4

Timeline