CVE-2020-3925
8.3
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Summary
A Remote Code Execution(RCE) vulnerability exists in some designated applications in ServiSign security plugin, as long as the interface is captured, attackers are able to launch RCE and executes arbitrary command on target system via malicious crafted scripts.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| CHANGING | ServiSign Windows versions | 0 <= 1.0.19.0617 | affected |
Weaknesses
- Remote Code Execution
ADP Enrichment
CVE Program Container
Additional References
- https://tvn.twcert.org.tw/taiwanvn/TVN-201910005
- https://www.chtsecurity.com/news/1179d48b-7609-4f67-9d7e-3bac2979c6ce
References
- https://tvn.twcert.org.tw/taiwanvn/TVN-201910005
- https://www.chtsecurity.com/news/1179d48b-7609-4f67-9d7e-3bac2979c6ce
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.