Forwarded by Taiwan Computer Network Crisis Management and Coordination Center TWCERTCC-200-202507-00000008

[Content Description]
[WellChoose Information｜BatchSignCS - Arbitrary File Write through Path Traversal] (CVE-2025-7619, CVSS: 8.8) The BatchSignCS developed by WellChoose Information is a Windows background program. It has an Arbitrary File Write vulnerability. When the program is turned on, if the user browses a malicious website, a remote attacker can write any file to any path and have the opportunity to use this vulnerability to execute arbitrary code.

[Affected Platform]
Signing Service (BatchSignCS) 3.138 (inclusive) and earlier versions

[Suggested Measures]
Update to 3.145 (inclusive) and later versions

[References]
https://www.twcert.org.tw/tw/cp-132-10239-770ab-1.html