Security Advisory

CVE-2022-39060

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-01-31 00:00:00

Last updated 2025-03-27 18:22:55

Assigner twcert

State PUBLISHED

Description

ChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An unauthenticated remote attacker can exploit this vulnerability to access and modify HKEY_CURRENT_USER subkey (ex: AutoRUN) in Registry where malicious scripts can be executed to take control of the system or to terminate the service.

← Browse all CVEs View on cve.org ↗