Forwarded by Taiwan Computer Network Crisis Management and Coordination Center (TWCERTCC-200-202509-00000002)

[Content Description]
[Changing Information Technology Inc. | Timestamp Server (TSA) - Missing Authentication] (CVE-2025-8861, CVSS: 9.8) The Timestamp Server (TSA) developed by Changing Information Technology Inc. contains a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents using developer tools.

[Affected Platforms]
Timestamp Server (TSA) products purchased before February 6, 2025 are affected.

[Recommended Action]
Contact the manufacturer to confirm patching.

[References]
https://www.twcert.org.tw/tw/cp-132-10360-012e7-1.html