Vulnerability Details CVE-2020-3925
A Remote Code Execution(RCE) vulnerability exists in some designated applications in ServiSign security plugin, as long as the interface is captured, attackers are able to launch RCE and executes arbitrary command on target system via malicious crafted scripts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.045
EPSS Ranking 88.7%
CVSS Severity
CVSS v3 Score 8.3
CVSS v2 Score 9.3
References
Products affected by CVE-2020-3925
-
cpe:2.3:a:changingtec:servisign:-
-
cpe:2.3:a:changingtec:servisign:1.0.19.0617
-
cpe:2.3:o:microsoft:windows:-