【Vulnerability Alert】Digitware System Integration|Official Document Cross-Browser Component - Remote Code Execution

publish date : 2025-07-21 update date : 2025-07-21

Source: Ministry of education information & communication security contingency platform

Publication Number TACERT-ANA-2025071511070505 Publication Time 2025/07/15 11:12
Incident Type ANA-Vulnerability Alert Discovery Time 2025/07/15 11:12
Impact Level Low  
[Subject]
【Vulnerability Alert】Digitware System Integration|Official Document Cross-Browser Component - Remote Code Execution
[Content]
Forwarded from TWCERTCC-200-202507-00000009

A Remote Code Execution vulnerability exists in the cross-browser component for official document production developed by Digitware System Integration. If a user accesses a malicious website while the component is enabled, a remote attacker may trigger the download and execution of arbitrary programs.

Information Sharing Level: WHITE (Information content can be publicly disclosed)
[Affected Platform]
Official Document Cross-Browser Component version 1.6.8 and earlier
[Recommended Actions]
Contact the vendor to perform an update.
[Reference]
https://www.twcert.org.tw/tw/cp-132-10241-2ec07-1.html
(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
Organizer: Computer Center