{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-48387","assignerOrgId":"cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e","state":"PUBLISHED","assignerShortName":"twcert","dateReserved":"2023-11-16T03:52:23.443Z","datePublished":"2023-12-15T08:40:34.306Z","dateUpdated":"2024-10-14T06:07:26.822Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"JCICSecurityTool","vendor":"TAIWAN-CA(TWCA)","versions":[{"status":"affected","version":"4.2.3.32"}]}],"datePublic":"2023-12-15T08:35:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"TAIWAN-CA(TWCA) JCICSecurityTool  fails to check the source website and access locations when executing multiple Registry-related functions. In the scenario where a user is using the JCICSecurityTool and has completed identity verification, if the user browses a malicious webpage created by an attacker, the attacker can exploit this vulnerability to read or modify any registry file under HKEY_CURRENT_USER, thereby achieving remote code execution.<br><br>"}],"value":"TAIWAN-CA(TWCA) JCICSecurityTool  fails to check the source website and access locations when executing multiple Registry-related functions. In the scenario where a user is using the JCICSecurityTool and has completed identity verification, if the user browses a malicious webpage created by an attacker, the attacker can exploit this vulnerability to read or modify any registry file under HKEY_CURRENT_USER, thereby achieving remote code execution."}],"impacts":[{"capecId":"CAPEC-203","descriptions":[{"lang":"en","value":"CAPEC-203 Manipulate Registry Information"}]},{"capecId":"CAPEC-270","descriptions":[{"lang":"en","value":"CAPEC-270 Modification of Registry Run Keys"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-940","description":"CWE-940 Improper Verification of Source of a Communication Channel","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e","shortName":"twcert","dateUpdated":"2024-10-14T06:07:26.822Z"},"references":[{"url":"https://www.twcert.org.tw/tw/cp-132-7602-a47a2-1.html"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Update version to&nbsp;4.2.3.33"}],"value":"Update version to 4.2.3.33"}],"source":{"advisory":"TVN-202312015","discovery":"EXTERNAL"},"title":"TAIWAN-CA(TWCA) JCICSecurityTool - Improper Input Validation","x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T21:30:35.020Z"},"title":"CVE Program Container","references":[{"url":"https://www.twcert.org.tw/tw/cp-132-7602-a47a2-1.html","tags":["x_transferred"]}]}]}}