WriteRegistry function in TSSServiSign component does not filter and verify users’ input, remote attackers can rewrite to the registry without permissions thus perform hijack attacks to execute arbitrary code.Referenceshttps://www.twcert.org.tw/tw/cp-132-5093-76f04-1.html
