Buffer Overflow Vulnerability in TCBServiSign

CVE-2024-40722
4.3MEDIUM

Key Information

Vendor
Changingtec
Status
Tcb Servisign
Vendor
CVE Published:
2 August 2024

Summary

The specific API in TCBServiSign Windows Version from CHANGING Information Technology does does not properly validate the length of server-side input. When a user visits a spoofed website, unauthenticated remote attackers can cause a stack-based buffer overflow in the TCBServiSign, temporarily disrupting its service.

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published.

Collectors

NVD Database
.