Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202603-00000016
[Content Description]
【DragonSoft |GCB/FCB Government Financial Security Configuration Audit Software - Missing Authentication】(CVE-2026-4312, CVSS: 9.8) The GCB/FCB government financial security configuration audit software developed by DragonSoft contains a Missing Authentication vulnerability. Unauthenticated remote attackers can directly use API functions to add administrative privilege accounts.
[Affected Platforms]
GCB/FCB Government Financial Security Configuration Audit Software versions prior to 20260108 (excluding 20260108)
[Recommended Measures]
Update to version 20260108 (inclusive) or later
[References]
1. https://www.twcert.org.tw/tw/cp-132-10784-4f67d-1.html
[Security Vulnerability Alert] DragonSoft | GCB/FCB Government Financial Security Configuration Audit Software - Missing Authentication
Type:行政公告
Pubish Date:2026/03/19 至 2026/09/19
Visitors:307
相關附件
返回列表
