Unrated severityNVD Advisory· Published Dec 31, 2020· Updated Sep 16, 2024

CHANGING Inc. NHIServiSignAdapter Windows Versions - Arbitrary File Access

CVE-2020-25842

Description

The encryption function of NHIServiSignAdapter fail to verify the file path input by users. Remote attacker can access arbitrary files through the flaw without privilege.

Affected products

Changing Inc./Nhiservisignadapterv5
Range: 1.0.20.0218

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.twcert.org.tw/tw/cp-132-4270-72392-1.htmlmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000