【Vulnerability Alert】Weiqiao Information Developed Signature Service (BatchSignCS) has Arbitrary File Write vulnerability

• Subject: 【Vulnerability Alert】Weiqiao Information Developed Signature Service (BatchSignCS) has Arbitrary File Write vulnerability

• Content Description:
  • Forwarded from Taiwan Computer Emergency Response Team/Coordination Center TWCERTCC-200-202507-00000008
  • 【Weiqiao Information | Signature Service (BatchSignCS) - Arbitrary File Write through Path Traversal】(CVE-2025-7619, CVSS: 8.8) Weiqiao Information's developed Signature Service (BatchSignCS) is a Windows background program. It has an Arbitrary File Write vulnerability. When the program is open, if a user browses a malicious website, a remote attacker can write arbitrary files to any path, and potentially exploit this vulnerability to execute arbitrary code.
• Affected Platforms:
  • Signature Service (BatchSignCS) version 3.138 (inclusive) and earlier
• Suggested Measures:
  • Update to version 3.145 (inclusive) and later
• References:
  • https://www.twcert.org.tw/tw/cp-132-10239-770ab-1.html

Computer and Communications Center
Network Systems Division Respectfully