Is a qualified electronic signature universal?
The situation is as follows.
I use the services of an accounting office. They submit reports for me to the tax office through 1C-Reporting. To do this, every year I issue a Qualified Electronic Signature through them, which is actually stored with them. Because they sign the accounts on my behalf.
Recently, I discovered that these signatures are present on the Gosuslugi portal (for several years).
Since it is a Qualified Electronic Signature, it has the rights of a paper signature. Hence the question, can attackers take a signature from an accounting office and sign other documents for me, for example, to sell an apartment?
My guesses
As I understand it, for 1C a signature is created with an OID (object identifier) that uniquely identifies the user in 1C. Other systems also require an OID to work. I.e., there is a certain mechanism for delimiting rights, and this is good on the one hand, but bad on the other (you need to pay for a signature for each system).
However, according to https://iecp.ru/articles/item/428240-Zapret-na-dop... the OID was canceled and the signature becomes universal for all. And it turns out that the signature for 1C is suitable for selling an apartment?
Where else can you read about it?
UPDATE 02/19/2021
Any signature is universal. Got a response from an expert from iecp.ru
According to Part 1 of Art. 6 of the Federal Law of April 6, 2011 No. 63-FZ "On Electronic Signature" (hereinafter - Law No. 63-FZ), information in electronic form, signed by an enhanced qualified electronic signature (hereinafter - CES), is recognized as an electronic document equivalent to a document on paper, signed with a handwritten signature, and can be used in any legal relationship in accordance with the legislation of the Russian Federation, except if federal laws or regulatory legal acts adopted in accordance with them establish a requirement that the document be drawn up exclusively on paper.
Thus, in your case, there are risks on many issues (taking loans in your name, registering legal entities, etc.). We assure you that the presence of an object identifier (OID) in a qualified certificate before 07/01/2020 did not in any way insure you against these potential threats.
In order to avoid any troubles when using the CES, its owner must strictly comply with the information security rules given in Law No. 63-FZ, as well as the guidance on ensuring the security of using the CES and qualified electronic signature tools, which the accredited certification center must provide to the owner of the qualified certificate simultaneously with its issuance.
We recommend that you read the article "Self-defense in the electronic signature market: how to resist scammers" (https://iecp.ru/articles/item/424130-samooborona-n... ), as well as the news "The procedure for using electronic signatures in real estate transactions is changing" (https://iecp.ru/news/item/424464-meniaetsia-poriad... ).
The best solution to the problem is to prevent anyone from using your EDS and do everything yourself. Submit any reports, etc. And if you trust - at your own peril and risk.
I don’t understand anything in 1C, but due to work, I’m a little trained in handling cryptographic information protection. So, you grossly violated one of the rules of personal digital hygiene: never give a token with a private part to anyone! In the TC where you applied, you were obliged to instruct about this. I ordered for myself in Kontur, here is an excerpt from their memo:
5.8 Handling key information
The owner of the ES verification key certificate is obliged to:
- Keep the ES key (private key) secret.
- Do not use keys for electronic signature and encryption if he knows that these keys are used or have been used before.
- Immediately demand the suspension of the certificate of the ES verification key if there is reason to believe that the secret of the ES key (private key) has been violated (the key has been compromised).
- Update the ES verification key certificate in accordance with the established regulations.
God forbid, if something happens, you are "an evil pinocchio to yourself." The way out is to issue a token to the accountant-outsourcer only for the period of reports. It's like that, but anyway. But it's up to you.
If this worries you, you can impose a ban on registration actions with a real estate object without your personal participation (Federal Law of July 13, 2015 No. 218-ФЗ “On State Registration of Real Estate”). To do this, go to your personal account at https://rosreestr.gov.ru. If you have not yet collected your ES, then use the ESIA account.
Since it is a Qualified Electronic Signature, it has the rights of a paper signature. Hence the question, can attackers take a signature from an accounting office and sign other documents for me, for example, to sell an apartment?
AFAIK, OIDs are attachments to the certificate itself. Some offices (Rosreestr seems to be) may require certain OIDs to work with them. But if the actions do not require the presence of an OID, any valid digital signature will do.
Where else can you read about it?
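The point made in the answers above, as an added example that is not part of the original thread: an OID in a certificate does not limit what the private key can sign, it only matters if the receiving system checks for it. Assumptions: ECDSA P-256 stands in for the GOST algorithms used with qualified signatures, the OID is modelled as an Extended Key Usage entry, both OIDs are constructed placeholders, and the third-party `cryptography` package is installed.

```python
import datetime
from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import ExtensionOID, NameOID

# Constructed placeholder OIDs (example arc 2.999), not identifiers of any real system.
REPORTING_OID = x509.ObjectIdentifier("2.999.1.1")
REGISTRY_OID = x509.ObjectIdentifier("2.999.1.2")

def issue_test_cert(key, usage_oids):
    """Self-signed throwaway certificate listing the given OIDs in Extended Key Usage."""
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "Constructed Test Signer")])
    start = datetime.datetime(2021, 1, 1)
    return (
        x509.CertificateBuilder()
        .subject_name(name).issuer_name(name)
        .public_key(key.public_key())
        .serial_number(x509.random_serial_number())
        .not_valid_before(start)
        .not_valid_after(start + datetime.timedelta(days=365))
        .add_extension(x509.ExtendedKeyUsage(usage_oids), critical=False)
        .sign(key, hashes.SHA256())
    )

def signature_is_valid(cert, document, signature):
    """Cryptographic check only: does the signature match the certificate's public key?"""
    try:
        cert.public_key().verify(signature, document, ec.ECDSA(hashes.SHA256()))
        return True
    except InvalidSignature:
        return False

def cert_allows(cert, required_oid):
    """Relying-party policy check: is the OID this system demands present in the certificate?"""
    try:
        eku = cert.extensions.get_extension_for_oid(ExtensionOID.EXTENDED_KEY_USAGE).value
    except x509.ExtensionNotFound:
        return False
    return required_oid in eku

# Certificate scoped (by OID) to a reporting system, used to sign an unrelated document.
KEY = ec.generate_private_key(ec.SECP256R1())
CERT = issue_test_cert(KEY, [REPORTING_OID])
DOCUMENT = b"constructed sample: unrelated document"
SIGNATURE = KEY.sign(DOCUMENT, ec.ECDSA(hashes.SHA256()))
```

Here `signature_is_valid(CERT, DOCUMENT, SIGNATURE)` succeeds while `cert_allows(CERT, REGISTRY_OID)` fails, so the document is rejected only by a verifier that actually performs the second check.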