【Vulnerability Alert】Diwei System Integration's Cross-Browser Component for Document Creation Has a Remote Code Execution Vulnerability

Date Posted: 2025/07/16

Subject: 【Vulnerability Alert】Diwei System Integration's Cross-Browser Component for Document Creation Has a Remote Code Execution Vulnerability

Content Description:
- Forwarded from Taiwan Computer Emergency Response Team/Coordination Center TWCERTCC-200-202507-00000009
- 【Diwei System Integration｜Cross-Browser Component for Document Creation - Remote Code Execution】(CVE-2025-7620, CVSS: 8.8) The cross-browser component for document creation developed by Diwei System Integration has a Remote Code Execution vulnerability. If a user browses a malicious website while this component is enabled, a remote attacker can cause it to download and execute arbitrary programs.
Affected Platforms:
- Cross-browser component for document creation v1.6.8 (inclusive) and earlier versions
Suggested Measures:
- Contact the vendor for updates
References:
- https://www.twcert.org.tw/tw/cp-132-10241-2ec07-1.html

Computer and Communications Center
Network Systems Division Respectfully