| TVN ID | TVN-201910006 |
|---|---|
| CVE ID | CVE-2020-3926 |
| CVSS | 6.1 (Medium) CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N |
| Affected Products | ServiSign Windows versions before version 1.0.19.0617 |
| Description | An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the attackers learn the specific API function, they may access arbitrary files on target system via crafted API parameter. |
| Solution | Update to version >=1.0.19.1016 or contact tech support from CHANGING Inc. |
| Credit | Weber Tsai (CHT Security) |
| Public Date | 2020-02-03 |
:::