Lucene search

TwcertCVELIST:CVE-2024-40720

HistoryAug 02, 2024 - 10:10 a.m.

CVE-2024-40720 CHANGING Information Technology TCBServiSign Windows Version - Improper Input Validation

2024-08-0210:10:16

CWE-20

twcert

www.cve.org

cve-2024-40720

changing information technology

spoofed website

remote attackers

registry modification

arbitrary commands

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

38.5%

JSON

The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the HKEY_CURRENT_USER registry to execute arbitrary commands.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "TCBServiSign Windows Version",
    "vendor": "CHANGING Information Technology",
    "versions": [
      {
        "lessThan": "1.0.24.0318",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.twcert.org.tw/en/cp-139-7971-d9584-2.html

www.twcert.org.tw/tw/cp-132-7965-8285d-1.html

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

38.5%

JSON

Related for CVELIST:CVE-2024-40720