{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-40720", "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "state": "PUBLISHED", "assignerShortName": "twcert", "dateReserved": "2024-07-09T03:30:54.516Z", "datePublished": "2024-08-02T10:10:16.249Z", "dateUpdated": "2024-08-02T16:08:16.108Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "TCBServiSign Windows Version", "vendor": "CHANGING Information Technology", "versions": [{"lessThan": "1.0.24.0318", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2024-08-02T10:06:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the `HKEY_CURRENT_USER` registry to execute arbitrary commands.</span>"}], "value": "The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the `HKEY_CURRENT_USER` registry to execute arbitrary commands."}], "impacts": [{"capecId": "CAPEC-270", "descriptions": [{"lang": "en", "value": "CAPEC-270 Modification of Registry Run Keys"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert", "dateUpdated": "2024-08-02T10:10:16.249Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-7965-8285d-1.html"}, {"url": "https://www.twcert.org.tw/en/cp-139-7971-d9584-2.html"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Update to version 1.0.24.0318 or later.</span>\n\n<br>"}], "value": "Update to version 1.0.24.0318 or later."}], "source": {"advisory": "TVN-202407015", "discovery": "EXTERNAL"}, "title": "CHANGING Information Technology TCBServiSign Windows Version - Improper Input Validation", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "changinginformationtechnology", "product": "tcbservisign", "cpes": ["cpe:2.3:a:changinginformationtechnology:tcbservisign:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "1.0.24.0318", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-02T16:06:13.562780Z", "id": "CVE-2024-40720", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-02T16:08:16.108Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-40720", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-02T16:06:13.562780Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:changinginformationtechnology:tcbservisign:*:*:*:*:*:*:*:*"], "vendor": "changinginformationtechnology", "product": "tcbservisign", "versions": [{"status": "affected", "version": "0", "lessThan": "1.0.24.0318", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-02T16:08:12.763Z"}}], "cna": {"title": "CHANGING Information Technology TCBServiSign Windows Version - Improper Input Validation", "source": {"advisory": "TVN-202407015", "discovery": "EXTERNAL"}, "impacts": [{"capecId": "CAPEC-270", "descriptions": [{"lang": "en", "value": "CAPEC-270 Modification of Registry Run Keys"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "CHANGING Information Technology", "product": "TCBServiSign Windows Version", "versions": [{"status": "affected", "version": "0", "lessThan": "1.0.24.0318", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update to version 1.0.24.0318 or later.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Update to version 1.0.24.0318 or later.</span>\n\n<br>", "base64": false}]}], "datePublic": "2024-08-02T10:06:00.000Z", "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-7965-8285d-1.html", "tags": ["third-party-advisory"]}, {"url": "https://www.twcert.org.tw/en/cp-139-7971-d9584-2.html"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the `HKEY_CURRENT_USER` registry to execute arbitrary commands.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the `HKEY_CURRENT_USER` registry to execute arbitrary commands.</span>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert", "dateUpdated": "2024-08-02T10:10:16.249Z"}}}, "cveMetadata": {"cveId": "CVE-2024-40720", "state": "PUBLISHED", "dateUpdated": "2024-08-02T16:08:16.108Z", "dateReserved": "2024-07-09T03:30:54.516Z", "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "datePublished": "2024-08-02T10:10:16.249Z", "assignerShortName": "twcert"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:changingtec:tcb_servisign:*:*:*:*:*:windows:*:*", "matchCriteriaId": "4F2A798C-915D-4A62-A562-5B1AFE7899A9", "versionEndExcluding": "1.0.24.0318", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the `HKEY_CURRENT_USER` registry to execute arbitrary commands."}, {"lang": "es", "value": "La API espec\u00edfica en TCBServiSign Windows Version de CHANGING Information Technology no valida correctamente la entrada del lado del servidor. Cuando un usuario visita un sitio web falsificado, atacantes remotos no autenticados pueden modificar el registro `HKEY_CURRENT_USER` para ejecutar comandos arbitrarios."}], "id": "CVE-2024-40720", "lastModified": "2024-08-09T14:36:35.047", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "twcert@cert.org.tw", "type": "Secondary"}]}, "published": "2024-08-02T11:16:42.763", "references": [{"source": "twcert@cert.org.tw", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/en/cp-139-7971-d9584-2.html"}, {"source": "twcert@cert.org.tw", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-7965-8285d-1.html"}], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "twcert@cert.org.tw", "type": "Secondary"}]}

{}

{}