CVE-2024-40722

Name of the Vulnerable Software and Affected Versions TCBServiSign Windows Version from CHANGING Information Technology (affected versions not specified)

Description The issue concerns a specific API in TCBServiSign that fails to properly validate the length of server-side input. This can be exploited by unauthenticated remote attackers when a user visits a spoofed website, leading to a stack-based buffer overflow that temporarily disrupts the service of TCBServiSign.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.