MidnightBSD

Advisories for tssservisignadapter_project

CVE-2021-37909 HIGH

WriteRegistry function in TSSServiSign component does not filter and verify users’ input, remote attackers can rewrite to the registry without permissions thus perform hijack attacks to execute arbitrary code.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
twcert@cert.org.tw 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
tssservisignadapter_project tssservisignadapter *