CVE-2022-39060

CVSS V2 None CVSS V3 None
Description
ChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An unauthenticated remote attacker can exploit this vulnerability to access and modify HKEY_CURRENT_USER subkey (ex: AutoRUN) in Registry where malicious scripts can be executed to take control of the system or to terminate the service.
Overview
  • CVE ID
  • CVE-2022-39060
  • Assigner
  • twcert@cert.org.tw
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-01-31T08:15:08
  • Last Modified Date
  • 2023-02-07T17:42:12
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:changingtec:megaservisignadapter:*:*:*:*:*:windows:*:* 1 OR 1.0.22.1004
References
Reference URL Reference Tags
https://www.twcert.org.tw/tw/cp-132-6887-6ed4f-1.html Third Party Advisory
History
Created Old Value New Value Data Type Notes
2023-04-17 06:59:24 Added to TrackCVE
2023-04-17 06:59:27 Weakness Enumeration new