CVE-2020-0601

Name
CVE-2020-0601
Description
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
NVD Severity
high
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Patch https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601
MISC http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html
MISC http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:* windows_10 == None == -
cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:* windows_10 == None == 1607
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:* windows_10 == None == 1709
cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:* windows_10 == None == 1803
cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:* windows_10 == None == 1809
cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:* windows_10 == None == 1903
cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:* windows_10 == None == 1909
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:* windows_server_2016 == None == -
cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:* windows_server_2016 == None == 1803
cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:* windows_server_2016 == None == 1903
cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:* windows_server_2016 == None == 1909
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:* windows_server_2019 == None == -

Vulnerable and fixed packages

Source package Branch Version Maintainer Status