CVE-2024-40719

Name of the Vulnerable Software and Affected Versions CHANGING Information Technology TCBServiSign Windows Version (affected versions not specified)

Description The issue is related to the insufficient encryption strength of authorization keys. A remote attacker can exploit this by tricking a victim into visiting a malicious website, which TCBServiSign will then treat as a legitimate server and interact with.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.