Security Advisory
CVE-2024-40721
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can cause the TCBServiSign to load a DLL from an arbitrary path.