{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T21:37:47.602","vulnerabilities":[{"cve":{"id":"CVE-2020-3925","sourceIdentifier":"twcert@cert.org.tw","published":"2020-02-03T11:15:12.527","lastModified":"2024-11-21T05:31:58.243","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Remote Code Execution(RCE) vulnerability exists in some designated applications in ServiSign security plugin, as long as the interface is captured, attackers are able to launch RCE and executes arbitrary command on target system via malicious crafted scripts."},{"lang":"es","value":"Se presenta una vulnerabilidad de Ejecución de Código Remota (RCE) en algunas aplicaciones designadas en el plugin de seguridad de ServiSign, siempre que la interfaz sea capturada, los atacantes pueden iniciar RCE y ejecutar comandos arbitrarios en el sistema de destino por medio de scripts maliciosos diseñados."}],"metrics":{"cvssMetricV31":[{"source":"twcert@cert.org.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:changingtec:servisign:*:*:*:*:*:*:*:*","versionEndIncluding":"1.0.19.0617","matchCriteriaId":"8806BFD5-AF23-418C-978B-206504623B44"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://tvn.twcert.org.tw/taiwanvn/TVN-201910005","source":"twcert@cert.org.tw","tags":["Third Party Advisory"]},{"url":"https://www.chtsecurity.com/news/1179d48b-7609-4f67-9d7e-3bac2979c6ce","source":"twcert@cert.org.tw","tags":["Third Party Advisory"]},{"url":"https://tvn.twcert.org.tw/taiwanvn/TVN-201910005","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.chtsecurity.com/news/1179d48b-7609-4f67-9d7e-3bac2979c6ce","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}