CVE-2020-0601 – Windows CryptoAPI Spoofing Vulnerability
CVE-2020-0601 – Windows CryptoAPI Spoofing Vulnerability A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no …
CVE-2020-0601 – Windows CryptoAPI Spoofing Vulnerability Read More »