ServiSign Windows Versions- Remote Code Execution via LoadLibrary
CVE-2020-3925

8.3HIGH

Key Information:

Vendor: Changing
Status: Servisign Windows Versions
Vendor: CVE Published:; 3 February 2020

What is CVE-2020-3925?

A Remote Code Execution(RCE) vulnerability exists in some designated applications in ServiSign security plugin, as long as the interface is captured, attackers are able to launch RCE and executes arbitrary command on target system via malicious crafted scripts.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ServiSign Windows 0 <= 1.0.19.0617

References

https://tvn.twcert.org.tw/taiwanvn/TVN-201910005

x_refsource_MISC

https://www.chtsecurity.com/news/1179d48b-7609-4f67-9d7e-...

x_refsource_MISC

CVSS V3.1

Score:

8.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Feb 3, 2020
Vulnerability Reserved
Dec 20, 2019

JSON

Changing

What is CVE-2020-3925?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.