Vulnerability Details CVE-2022-39060
ChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An unauthenticated remote attacker can exploit this vulnerability to access and modify HKEY_CURRENT_USER subkey (ex: AutoRUN) in Registry where malicious scripts can be executed to take control of the system or to terminate the service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.3%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2022-39060
-
cpe:2.3:a:changingtec:megaservisignadapter:-
-
cpe:2.3:a:changingtec:megaservisignadapter:1.0.17.0823