CVE-2020-0601

CVE-2020-0601

Name

CVE-2020-0601

Description

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Patch	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601
MISC	http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html
MISC	http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0601

Type

URI

Patch

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601

MISC

http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html

MISC

http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html

134c704f-9b21-4f2e-91b3-4a467353bcc0

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0601

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:o:microsoft:windows_10:-:::::::*`	windows_10	== None	== -
`cpe:2.3:o:microsoft:windows_10:1607:::::::*`	windows_10	== None	== 1607
`cpe:2.3:o:microsoft:windows_10:1709:::::::*`	windows_10	== None	== 1709
`cpe:2.3:o:microsoft:windows_10:1803:::::::*`	windows_10	== None	== 1803
`cpe:2.3:o:microsoft:windows_10:1809:::::::*`	windows_10	== None	== 1809
`cpe:2.3:o:microsoft:windows_10:1903:::::::*`	windows_10	== None	== 1903
`cpe:2.3:o:microsoft:windows_10:1909:::::::*`	windows_10	== None	== 1909
`cpe:2.3:o:microsoft:windows_server_2016:-:::::::*`	windows_server_2016	== None	== -
`cpe:2.3:o:microsoft:windows_server_2016:1803:::::::*`	windows_server_2016	== None	== 1803
`cpe:2.3:o:microsoft:windows_server_2016:1903:::::::*`	windows_server_2016	== None	== 1903
`cpe:2.3:o:microsoft:windows_server_2016:1909:::::::*`	windows_server_2016	== None	== 1909
`cpe:2.3:o:microsoft:windows_server_2019:-:::::::*`	windows_server_2019	== None	== -
`cpe:2.3:o:microsoft:windows_10_1507:-::::::x64:`	windows_10_1507	== None	== -
`cpe:2.3:o:microsoft:windows_10_1607:-::::::x64:`	windows_10_1607	== None	== -
`cpe:2.3:o:microsoft:windows_10_1709:-::::::arm64:`	windows_10_1709	== None	== -
`cpe:2.3:o:microsoft:windows_10_1803:-::::::arm64:`	windows_10_1803	== None	== -
`cpe:2.3:o:microsoft:windows_10_1809:::::::arm64:*`	windows_10_1809	== None	== None
`cpe:2.3:o:microsoft:windows_10_1903:-::::::arm64:`	windows_10_1903	== None	== -
`cpe:2.3:o:microsoft:windows_10_1909:-::::::arm64:`	windows_10_1909	== None	== -
`cpe:2.3:o:microsoft:windows_server_1803:-:::::::*`	windows_server_1803	== None	== -
`cpe:2.3:o:microsoft:windows_server_1903:-:::::::*`	windows_server_1903	== None	== -
`cpe:2.3:o:microsoft:windows_server_1909:-:::::::*`	windows_server_1909	== None	== -

CPE URI

Source package

Min version

Max version

cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*

windows_10

== None

== -

cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*

windows_10

== None

== 1607

cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*

windows_10

== None

== 1709

cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*

windows_10

== None

== 1803

cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*

windows_10

== None

== 1809

cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*

windows_10

== None

== 1903

cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*

windows_10

== None

== 1909

cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*

windows_server_2016

== None

== -

cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*

windows_server_2016

== None

== 1803

cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*

windows_server_2016

== None

== 1903

cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*

windows_server_2016

== None

== 1909

cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*

windows_server_2019

== None

== -

cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*

windows_10_1507

== None

== -

cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*

windows_10_1607

== None

== -

cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:arm64:*

windows_10_1709

== None

== -

cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:arm64:*

windows_10_1803

== None

== -

cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*

windows_10_1809

== None

cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:arm64:*

windows_10_1903

== None

== -

cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:arm64:*

windows_10_1909

== None

== -

cpe:2.3:o:microsoft:windows_server_1803:-:*:*:*:*:*:*:*

windows_server_1803

== None

== -

cpe:2.3:o:microsoft:windows_server_1903:-:*:*:*:*:*:*:*

windows_server_1903

== None

== -

cpe:2.3:o:microsoft:windows_server_1909:-:*:*:*:*:*:*:*

windows_server_1909

== None

== -

References

Match rules

Vulnerable and fixed packages