Vulnerabilities > CVE-2020-3925 - Unspecified vulnerability in Changingtec Servisign 1.0.19.0617

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
changingtec
critical

Summary

A Remote Code Execution(RCE) vulnerability exists in some designated applications in ServiSign security plugin, as long as the interface is captured, attackers are able to launch RCE and executes arbitrary command on target system via malicious crafted scripts.

Vulnerable Configurations

Part Description Count
Application
Changingtec
1
OS
Microsoft
1