【Vulnerability Alert】Diwei System Integration's Cross-Browser Component for Document Creation Has a Remote Code Execution Vulnerability

• Subject: 【Vulnerability Alert】Diwei System Integration's Cross-Browser Component for Document Creation Has a Remote Code Execution Vulnerability

• Content Description:
  • Forwarded from Taiwan Computer Emergency Response Team/Coordination Center TWCERTCC-200-202507-00000009
  • 【Diwei System Integration｜Cross-Browser Component for Document Creation - Remote Code Execution】(CVE-2025-7620, CVSS: 8.8) The cross-browser component for document creation developed by Diwei System Integration has a Remote Code Execution vulnerability. If a user browses a malicious website while this component is enabled, a remote attacker can cause it to download and execute arbitrary programs.
• Affected Platforms:
  • Cross-browser component for document creation v1.6.8 (inclusive) and earlier versions
• Suggested Measures:
  • Contact the vendor for updates
• References:
  • https://www.twcert.org.tw/tw/cp-132-10241-2ec07-1.html

Computer and Communications Center
Network Systems Division Respectfully