Wiz
Vulnerability DatabaseCVE-2020-3925

CVE-2020-3925
ServiSign vulnerability analysis and mitigation

Overview

A Remote Code Execution (RCE) vulnerability exists in some designated applications in ServiSign security plugin (CVE-2020-3925). The vulnerability was discovered in December 2019 and affects ServiSign, a cross-platform digital signature and verification system developed by Changingtec in Taiwan (CHT Security).

Technical details

The vulnerability exists due to an insecure function call LoadLibraryA in the DLL file of ServiSign. The function lacks proper filtering or restrictions on parameters when reading DLL files in high-privilege directories, allowing attackers to control the path parameter to execute malicious DLL files. The vulnerability affects ServiSign for Windows version 1.0.19.0617 and earlier (CHT Security).

Impact

Without proper path filtering or access control, attackers can execute malicious DLL files on the target computer through these weak functions without authentication. This can be achieved by injecting malicious Javascript code via XSS payloads in phishing websites (CHT Security).

Mitigation and workarounds

Users should upgrade to versions newer than ServiSign for Windows 1.0.19.0617 to mitigate this vulnerability (CHT Security).

Additional resources

SourceThis report was generated using AI

Related ServiSign vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2020-3925HIGH8.8
  • ServiSignServiSign
  • cpe:2.3:a:changingtec:servisign
NoNoFeb 03, 2020
CVE-2020-3927HIGH7.5
  • ServiSignServiSign
  • cpe:2.3:a:changingtec:servisign
NoNoFeb 03, 2020
CVE-2020-3926HIGH7.5
  • ServiSignServiSign
  • cpe:2.3:a:changingtec:servisign
NoNoFeb 03, 2020

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo