CVE-2023-48387

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-48387
TAIWAN-CA(TWCA) JCICSecurityTool fails to check the source website and access locations when executing multiple Registry-related functions. In the scenario where a user is using the JCICSecurityTool and has completed identity verification, if the user browses a malicious webpage created by an attacker, the attacker can exploit this vulnerability to read or modify any registry file under HKEY_CURRENT_USER, thereby achieving remote code execution.

8.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.twcert.org.tw/tw/cp-132-7602-a47a2-1.html Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:twca:jcicsecuritytool:4.2.3.32:*:*:*:*:*:*:*
History

14 Oct 2024, 06:15

Type Values Removed Values Added
Summary (en) TAIWAN-CA(TWCA) JCICSecurityTool fails to check the source website and access locations when executing multiple Registry-related functions. In the scenario where a user is using the JCICSecurityTool and has completed identity verification, if the user browses a malicious webpage created by an attacker, the attacker can exploit this vulnerability to read or modify any registry file under HKEY_CURRENT_USER, thereby achieving remote code execution. (en) TAIWAN-CA(TWCA) JCICSecurityTool fails to check the source website and access locations when executing multiple Registry-related functions. In the scenario where a user is using the JCICSecurityTool and has completed identity verification, if the user browses a malicious webpage created by an attacker, the attacker can exploit this vulnerability to read or modify any registry file under HKEY_CURRENT_USER, thereby achieving remote code execution.
CWE CWE-20 CWE-940

03 Oct 2024, 18:40

Type Values Removed Values Added
CWE CWE-79 NVD-CWE-noinfo

31 Jan 2024, 03:15

Type Values Removed Values Added
Summary TAIWAN-CA(TWCA) JCICSecurityTool's Registry-related functions have insufficient filtering for special characters. An unauthenticated remote attacker can inject malicious script into a webpage to perform XSS (Stored Cross-Site Scripting) attack. TAIWAN-CA(TWCA) JCICSecurityTool fails to check the source website and access locations when executing multiple Registry-related functions. In the scenario where a user is using the JCICSecurityTool and has completed identity verification, if the user browses a malicious webpage created by an attacker, the attacker can exploit this vulnerability to read or modify any registry file under HKEY_CURRENT_USER, thereby achieving remote code execution.
CVSS v2 : unknown
v3 : 6.1 		v2 : unknown
v3 : 8.8
CWE CWE-79 CWE-20

22 Dec 2023, 15:19

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 6.1
First Time Twca
Twca jcicsecuritytool
CWE CWE-79
References () https://www.twcert.org.tw/tw/cp-132-7602-a47a2-1.html - () https://www.twcert.org.tw/tw/cp-132-7602-a47a2-1.html - Third Party Advisory
CPE cpe:2.3:a:twca:jcicsecuritytool:4.2.3.32:*:*:*:*:*:*:*

15 Dec 2023, 13:42

Type Values Removed Values Added
New CVE
Information

Published : 2023-12-15 09:15

Updated : 2024-10-14 06:15

NVD link : CVE-2023-48387

Mitre link : CVE-2023-48387

CVE.ORG link : CVE-2023-48387

JSON object : View

Products Affected

twca

  • jcicsecuritytool
CWE
CWE-940

Improper Verification of Source of a Communication Channel

NVD-CWE-noinfo

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024