Arbitrary File Write Vulnerability in BatchSignCS by WellChoose
CVE-2025-7619

8.7HIGH

Key Information:

Vendor: Wellchoose
Status: Batchsigncs
Vendor: CVE Published:; 14 July 2025

What is CVE-2025-7619?

BatchSignCS, a Windows application developed by WellChoose, is exposed to an Arbitrary File Write vulnerability. This occurs when a user is tricked into visiting a malicious website while the application is active. If successful, attackers can exploit this flaw to write files to any location on the user's system, leading to potential arbitrary code execution. Users of BatchSignCS must be aware of this risk and ensure they apply any available mitigations to protect their systems.

Affected Version(s)

BatchSignCS 0 <= 3.318

References

https://www.twcert.org.tw/tw/cp-132-10239-770ab-1.html

third-party-advisory

https://www.twcert.org.tw/en/cp-139-10240-00f86-2.html

third-party-advisory

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 14, 2025
Vulnerability Reserved
Jul 14, 2025

Wellchoose

What is CVE-2025-7619?

Affected Version(s)

References

CVSS V4

Timeline