← back
CVE-2024-47560

CVE-2024-47560

CVSS 7.8 HIGHEPSS 0.2%CWE-863
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.8EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
01 Oct 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
RevoWorks Cloud Client 3.0.91 and earlier contains an incorrect authorization vulnerability. If this vulnerability is exploited, unintended processes may be executed in the sandbox environment. Even if malware is executed in the sandbox environment, it does not compromise the client's local environment. However, information in the sandbox environment may be disclosed to outside or behaviors of the sandbox environment may be violated by tampering registry.
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
J’s Communication Co., Ltd. · RevoWorks Cloud Client

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jscom.jp/news-20240918/https://jvn.jp/en/jp/JVN39280069/