Platform
windows
Component
gosign-desktop
Fixed in
2.4.2
CVE-2025-65083 is a security vulnerability affecting GoSign Desktop versions 0 through 2.4.1. It stems from the application's behavior when configured to use a proxy server, where TLS certificate validation is disabled. This can lead to a bypass of integrity protection if a user selects an arbitrary proxy that allows connections to untrusted servers, potentially compromising data integrity.
The core impact of CVE-2025-65083 lies in the potential for integrity bypass. If a user is tricked into configuring GoSign Desktop to use a malicious or compromised proxy server, the application will not validate the TLS certificates presented by the destination server. This means that an attacker could intercept and modify data transmitted between GoSign Desktop and the intended server without detection. While the vulnerability description notes that this is outside the product's design objectives, a misconfigured environment could expose sensitive information. The blast radius is limited to the data processed by GoSign Desktop and the potential for man-in-the-middle attacks facilitated by the proxy.
CVE-2025-65083 has a LOW CVSS score, indicating a relatively low probability of exploitation. As of the public disclosure date (2025-11-17), there are no publicly known proof-of-concept exploits. It is not currently listed on the CISA KEV catalog. The vulnerability's reliance on user configuration and the need for a compromised proxy server likely contribute to its lower exploitation probability.
Organizations utilizing GoSign Desktop, particularly those with configurations that allow users to configure proxy servers without adequate oversight, are at risk. Shared hosting environments where users have control over proxy settings are also potentially vulnerable. Legacy configurations that haven't been reviewed for security best practices should be prioritized for patching.
• windows / supply-chain:
Get-Process | Where-Object {$_.ProcessName -eq "GoSignDesktop"}
• windows / supply-chain:
Get-ItemProperty -Path 'HKCU:\Software\GoSignDesktop' -Name ProxyServer
• windows / supply-chain:
Get-WinEvent -LogName Application -FilterXPath "*[System[Provider[@Name='GoSignDesktop']]]" -MaxEvents 10
Exploit Status
EPSS
0.01% (2nd percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-65083 is to upgrade GoSign Desktop to version 2.4.2 or later, which addresses the certificate validation issue. If upgrading is not immediately feasible, consider implementing stricter proxy server controls within your organization. This includes whitelisting approved proxy servers and educating users about the risks of using untrusted proxies. Network administrators should also review proxy configurations to ensure that TLS certificate validation is enabled wherever possible. After upgrading, confirm the fix by verifying that TLS certificate validation is enforced when using a proxy server.
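As an added example (not code from the advisory or from GoSign), the following PowerShell audit combines the mitigation points above into one check: is the installed build older than 2.4.2, is a proxy configured, and is that proxy on the organisation's approved list. It assumes the proxy value lives at the registry path used by the detection command on this page (HKCU:\Software\GoSignDesktop, value ProxyServer), that the installed version can be read from the standard Windows Uninstall keys by display name, and that the allowlist entry is a constructed placeholder.

```powershell
# Added audit script for the CVE-2025-65083 exposure conditions; not GoSign's own code.
# Assumptions: proxy setting at HKCU:\Software\GoSignDesktop\ProxyServer (path taken from
# the page's detection command); version read from the standard Uninstall keys;
# $ApprovedProxies is a constructed placeholder to replace with your real allowlist.

$FixedVersion    = [version]'2.4.2'                 # version stated as fixed in the advisory
$ApprovedProxies = @('proxy.corp.example:8080')     # constructed placeholder allowlist

function Get-GoSignVersion {
    # Look up the installed version via the usual Uninstall registry hives.
    $paths = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*',
             'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
             'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*'
    $app = Get-ItemProperty -Path $paths -ErrorAction SilentlyContinue |
           Where-Object { $_.DisplayName -like 'GoSign Desktop*' } |
           Select-Object -First 1
    if ($app -and $app.DisplayVersion) { return [version]$app.DisplayVersion }
    return $null
}

function Get-GoSignProxy {
    # Same registry value the page's detection command reads.
    $p = Get-ItemProperty -Path 'HKCU:\Software\GoSignDesktop' -Name ProxyServer -ErrorAction SilentlyContinue
    if ($p) { return $p.ProxyServer }
    return $null
}

function Test-GoSignExposure {
    param(
        [AllowNull()][version]$Version,
        [AllowNull()][string]$Proxy,
        [string[]]$Allowlist
    )
    $vulnBuild  = ($null -ne $Version) -and ($Version -lt $FixedVersion)
    $proxySet   = -not [string]::IsNullOrWhiteSpace($Proxy)
    $proxyKnown = $proxySet -and ($Allowlist -contains $Proxy)
    [pscustomobject]@{
        Version         = $Version
        VulnerableBuild = $vulnBuild
        ProxyConfigured = $proxySet
        ProxyApproved   = $proxyKnown
        # Exposure needs an unpatched build AND a proxy that is not on the allowlist.
        Exposed         = $vulnBuild -and $proxySet -and (-not $proxyKnown)
    }
}

Test-GoSignExposure -Version (Get-GoSignVersion) -Proxy (Get-GoSignProxy) -Allowlist $ApprovedProxies |
    Format-List
```

A host reporting `Exposed : True` should be prioritised for the 2.4.2 upgrade or have its proxy setting corrected; `VulnerableBuild : True` with no proxy configured is still worth patching but does not meet the advisory's trigger condition.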
Update GoSign Desktop to a version later than 2.4.1 to fix the TLS certificate validation vulnerability when using a proxy. Make sure the proxy is configured correctly and trust the corporate CA if necessary. Avoid using untrusted proxies.
CVE-2025-65083 is a vulnerability in GoSign Desktop versions 0-2.4.1 where TLS certificate validation is disabled when using a proxy, potentially allowing integrity bypass.
If you are using GoSign Desktop versions 0 through 2.4.1 and have configured it to use a proxy server, you are potentially affected by this vulnerability.
Upgrade GoSign Desktop to version 2.4.2 or later to resolve the TLS certificate validation issue. If upgrading isn't possible, implement stricter proxy server controls.
As of the public disclosure date, there are no publicly known active exploits for CVE-2025-65083.
Refer to the official GoSign Desktop advisory for detailed information and updates regarding CVE-2025-65083.