Published:2024/02/29  Last Updated:2024/02/29

JVN#35928117
Protection mechanism failure in RevoWorks

Overview

RevoWorks SCVX and RevoWorks Browser provided by J's Communications Co., Ltd. contain a protection mechanism failure vulnerability.

Products Affected

  • RevoWorks SCVX prior to scvimage4.10.21_1013
  • RevoWorks Browser prior to 2.2.95
Note that the products are affected by this vulnerability only when VirusChecker or ThreatChecker feature is being used.

Description

RevoWorks SCVX and RevoWorks Browser provided by J's Communication Co., Ltd. enable users to execute web browsers in the sandboxed environment isolated from the client's local environment.
In the products, file exchange between the sandboxed environment and local environment is prohibited in principle, but by using the optional "VirusChecker" or "ThreatChecker" feature and changing the policy settings, files checked for viruses by these features in the sandboxed environment can be permitted to be downloaded to the local environment.

However, there is a vulnerability (CWE-693) in the products where malware detection is failed when data containing malware is saved in a specific file format (eml, dmg, vhd, iso, msi) in the sandboxed environment

Impact

If data containing malware is saved in a specific file format, malware may be taken outside the sandboxed environment.

Solution

Update the software
Update the software to the latest version according to the information provided by the developer.
The developer addressed the vulnerability in the following versions:

  • RevoWorks SCVX scvimage4.10.21_1013
  • RevoWorks Browser 2.2.95
Apply the workaround
Applying the following workaround may avoid the impact of this vulnerability.
  • Do not use "VirusChecker" and "ThreatChecker" features

Vendor Status

Vendor Link
J's Communication Co., Ltd. The Vulnerability of VirusChecker/ThreatChecker Processing in RevoWorks Products (Text in Japanese)

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

CVSS v3 CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N
Base Score: 2.7
Attack Vector(AV) Physical (P) Local (L) Adjacent (A) Network (N)
Attack Complexity(AC) High (H) Low (L)
Privileges Required(PR) High (H) Low (L) None (N)
User Interaction(UI) Required (R) None (N)
Scope(S) Unchanged (U) Changed (C)
Confidentiality Impact(C) None (N) Low (L) High (H)
Integrity Impact(I) None (N) Low (L) High (H)
Availability Impact(A) None (N) Low (L) High (H)
CVSS v2 AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score: 4.3
Access Vector(AV) Local (L) Adjacent Network (A) Network (N)
Access Complexity(AC) High (H) Medium (M) Low (L)
Authentication(Au) Multiple (M) Single (S) None (N)
Confidentiality Impact(C) None (N) Partial (P) Complete (C)
Integrity Impact(I) None (N) Partial (P) Complete (C)
Availability Impact(A) None (N) Partial (P) Complete (C)

Credit

J's Communication Co., Ltd. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and J's Communication Co., Ltd. coordinated under the Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2024-25091
JVN iPedia JVNDB-2024-000025