CVE-2024-40720 - Vulnerability Details - OpenCVE

The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the `HKEY_CURRENT_USER` registry to execute arbitrary commands.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Changinginformationtechnology	Tcbservisign
Changingtec	Tcb Servisign

Configuration 1 [-]

cpe:2.3:a:changingtec:tcb_servisign:*:*:*:*:*:windows:*:*

No data.

References

Link	Providers
https://www.twcert.org.tw/en/cp-139-7971-d9584-2.html
https://www.twcert.org.tw/tw/cp-132-7965-8285d-1.html

History

Fri, 09 Aug 2024 15:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Changingtec Changingtec tcb Servisign
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:a:changingtec:tcb_servisign::::::windows::*
Vendors & Products		Changingtec Changingtec tcb Servisign

MITRE

Status: PUBLISHED

Assigner: twcert

Published: 2024-08-02T10:10:16.249Z

Updated: 2024-08-02T16:08:16.108Z

Reserved: 2024-07-09T03:30:54.516Z

Link: CVE-2024-40720

Vulnrichment

Updated: 2024-08-02T16:08:12.763Z

NVD

Status : Analyzed

Published: 2024-08-02T11:16:42.763

Modified: 2024-08-09T14:36:35.047

Link: CVE-2024-40720

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-40720", "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "state": "PUBLISHED", "assignerShortName": "twcert", "dateReserved": "2024-07-09T03:30:54.516Z", "datePublished": "2024-08-02T10:10:16.249Z", "dateUpdated": "2024-08-02T16:08:16.108Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "TCBServiSign Windows Version", "vendor": "CHANGING Information Technology", "versions": [{"lessThan": "1.0.24.0318", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2024-08-02T10:06:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the `HKEY_CURRENT_USER` registry to execute arbitrary commands.</span>"}], "value": "The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the `HKEY_CURRENT_USER` registry to execute arbitrary commands."}], "impacts": [{"capecId": "CAPEC-270", "descriptions": [{"lang": "en", "value": "CAPEC-270 Modification of Registry Run Keys"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert", "dateUpdated": "2024-08-02T10:10:16.249Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-7965-8285d-1.html"}, {"url": "https://www.twcert.org.tw/en/cp-139-7971-d9584-2.html"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Update to version 1.0.24.0318 or later.</span>\n\n<br>"}], "value": "Update to version 1.0.24.0318 or later."}], "source": {"advisory": "TVN-202407015", "discovery": "EXTERNAL"}, "title": "CHANGING Information Technology TCBServiSign Windows Version - Improper Input Validation", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "changinginformationtechnology", "product": "tcbservisign", "cpes": ["cpe:2.3:a:changinginformationtechnology:tcbservisign:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "1.0.24.0318", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-02T16:06:13.562780Z", "id": "CVE-2024-40720", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-02T16:08:16.108Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-40720", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-02T16:06:13.562780Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:changinginformationtechnology:tcbservisign:*:*:*:*:*:*:*:*"], "vendor": "changinginformationtechnology", "product": "tcbservisign", "versions": [{"status": "affected", "version": "0", "lessThan": "1.0.24.0318", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-02T16:08:12.763Z"}}], "cna": {"title": "CHANGING Information Technology TCBServiSign Windows Version - Improper Input Validation", "source": {"advisory": "TVN-202407015", "discovery": "EXTERNAL"}, "impacts": [{"capecId": "CAPEC-270", "descriptions": [{"lang": "en", "value": "CAPEC-270 Modification of Registry Run Keys"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "CHANGING Information Technology", "product": "TCBServiSign Windows Version", "versions": [{"status": "affected", "version": "0", "lessThan": "1.0.24.0318", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update to version 1.0.24.0318 or later.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Update to version 1.0.24.0318 or later.</span>\n\n<br>", "base64": false}]}], "datePublic": "2024-08-02T10:06:00.000Z", "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-7965-8285d-1.html", "tags": ["third-party-advisory"]}, {"url": "https://www.twcert.org.tw/en/cp-139-7971-d9584-2.html"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the `HKEY_CURRENT_USER` registry to execute arbitrary commands.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the `HKEY_CURRENT_USER` registry to execute arbitrary commands.</span>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert", "dateUpdated": "2024-08-02T10:10:16.249Z"}}}, "cveMetadata": {"cveId": "CVE-2024-40720", "state": "PUBLISHED", "dateUpdated": "2024-08-02T16:08:16.108Z", "dateReserved": "2024-07-09T03:30:54.516Z", "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "datePublished": "2024-08-02T10:10:16.249Z", "assignerShortName": "twcert"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:changingtec:tcb_servisign:*:*:*:*:*:windows:*:*", "matchCriteriaId": "4F2A798C-915D-4A62-A562-5B1AFE7899A9", "versionEndExcluding": "1.0.24.0318", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the `HKEY_CURRENT_USER` registry to execute arbitrary commands."}, {"lang": "es", "value": "La API espec\u00edfica en TCBServiSign Windows Version de CHANGING Information Technology no valida correctamente la entrada del lado del servidor. Cuando un usuario visita un sitio web falsificado, atacantes remotos no autenticados pueden modificar el registro `HKEY_CURRENT_USER` para ejecutar comandos arbitrarios."}], "id": "CVE-2024-40720", "lastModified": "2024-08-09T14:36:35.047", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "twcert@cert.org.tw", "type": "Secondary"}]}, "published": "2024-08-02T11:16:42.763", "references": [{"source": "twcert@cert.org.tw", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/en/cp-139-7971-d9584-2.html"}, {"source": "twcert@cert.org.tw", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-7965-8285d-1.html"}], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "twcert@cert.org.tw", "type": "Secondary"}]}