Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2020-0601: Windows CryptoAPI Spoofing Vulnerability

Back to Search

Microsoft CVE-2020-0601: Windows CryptoAPI Spoofing Vulnerability

Severity
6
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published
01/14/2020
Created
01/15/2020
Added
01/14/2020
Modified
02/04/2020

Description

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider. A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software. The security update addresses the vulnerability by ensuring that Windows CryptoAPI completely validates ECC certificates.

Solution(s)

  • msft-kb4528760-0765cf38-e093-4e0a-87e8-aee7cc24862f
  • msft-kb4528760-19558abd-f6b7-4b01-880a-e1ef9790a793
  • msft-kb4528760-4703ad6d-3338-4e64-8439-c158cb882d76
  • msft-kb4528760-593cc274-62ca-47f3-ba01-c11d486bd1a9
  • msft-kb4528760-8fc18280-6925-4bd4-91c1-9c0f69b91e2e
  • msft-kb4528760-c139f586-b22d-4e85-a769-47af7820a792
  • msft-kb4534271-46de78a6-89c2-4adc-a827-d55e913ca853
  • msft-kb4534271-5778b2b9-7a93-4e8d-962f-ba6868611cd6
  • msft-kb4534271-94964c8f-2416-449c-a80e-207c0399ac6d
  • msft-kb4534273-1fc77237-e468-44bc-8e45-6e9c71db435f
  • msft-kb4534273-21037827-2824-4ffc-b51a-e9529f95add9
  • msft-kb4534273-6d10f5d9-bc82-4742-8ce3-6589ecdae601
  • msft-kb4534276-4324ac04-5bcf-4bf7-a79e-c68ced90d0e4
  • msft-kb4534276-a84fe9a9-c446-447d-8830-7dc36dbf31e1
  • msft-kb4534293-0ced42ab-867a-446a-855a-94e08338eee0
  • msft-kb4534293-1ea91d13-ca0b-4fba-9d4c-a453eb7db8fe
  • msft-kb4534293-cfac930f-4c55-4444-acbb-66f6812d4b2a
  • msft-kb4534306-54c34017-623d-43f3-9191-ff2746036ea7
  • msft-kb4534306-6aa03ae1-4902-47f6-9d4c-eb6cbc3cc413

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;