CVE-2024-40720

Name of the Vulnerable Software and Affected Versions TCBServiSign Windows Version from CHANGING Information Technology (affected versions not specified)

Description The issue concerns improper validation of server-side input in a specific API. This can be exploited by unauthenticated remote attackers when a user visits a spoofed website, allowing them to modify the HKEY CURRENT USER registry and execute arbitrary commands.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.