Platform
windows
Component
batchsigncs
Fixed in
3.318.1
CVE-2025-7619 describes a Path Traversal vulnerability discovered in BatchSignCS, a Windows background application developed by WellChoose. This flaw allows remote attackers to write arbitrary files to any path on a system if a user visits a malicious website while the application is running, potentially leading to arbitrary code execution. The vulnerability affects versions 0 through 3.318, and a patch is available in version 3.318.1.
The impact of CVE-2025-7619 is significant due to its potential for arbitrary code execution. An attacker could leverage this vulnerability to upload malicious files, overwrite critical system files, or inject malicious code into existing processes. Successful exploitation could grant the attacker complete control over the affected system. The attack vector is remote, requiring only a user to visit a malicious website, making it a widespread threat. This vulnerability shares similarities with other file write vulnerabilities where attackers can bypass security controls to gain unauthorized access and execute arbitrary code.
CVE-2025-7619 was publicly disclosed on 2025-07-14. The vulnerability's ease of exploitation, combined with the potential for remote code execution, suggests a medium probability of exploitation (EPSS score likely medium). No public proof-of-concept (POC) code has been released as of this writing, but the vulnerability's nature makes it a likely target for exploitation. Monitor security advisories and threat intelligence feeds for any indications of active exploitation campaigns.
Exploit Status
EPSS
1.06% (77% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-7619 is to immediately upgrade BatchSignCS to version 3.318.1 or later. If upgrading is not immediately feasible, consider implementing network-level controls to block access to known malicious websites. While a direct WAF rule is difficult to implement for this specific vulnerability, monitoring outbound traffic for unusual file writes could provide an early warning. Review BatchSignCS configuration to ensure it operates with the least privileges possible. After upgrading, confirm the fix by attempting to trigger the vulnerability with a known malicious payload and verifying that the file write is blocked.
Actualizar BatchSignCS a la última versión disponible proporcionada por el proveedor, WellChoose. Si no hay una actualización disponible, contacte al proveedor para obtener un parche o una solución alternativa. Evite visitar sitios web no confiables mientras la aplicación está en ejecución.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2025-7619 is a Path Traversal vulnerability in WellChoose's BatchSignCS application, allowing attackers to write arbitrary files and potentially execute code remotely.
You are affected if you are using BatchSignCS versions 0 through 3.318. Upgrade to 3.318.1 or later to mitigate the risk.
Upgrade BatchSignCS to version 3.318.1 or later. If immediate upgrade is not possible, implement network controls to block access to malicious websites.
While no active exploitation has been confirmed, the vulnerability's nature suggests a potential for exploitation, and monitoring is advised.
Refer to WellChoose's official website and security advisories for the latest information and updates regarding CVE-2025-7619.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.