Security News > 2020 > January > PoC Exploits Published For Microsoft Crypto Bug
Two proof-of-concept exploits have been publicly released for the recently-patched crypto-spoofing vulnerability found by the National Security Agency and reported to Microsoft.
The two PoC exploits were published to GitHub on Thursday.
One PoC exploit was released by Kudelski Security and the other by a security researcher under the alias "Ollypwn".
A third PoC exploit was developed by security expert Saleem Rashid; who said on Twitter, Wednesday, that the PoC allowed him to fake TLS certificates and set up sites that look like legitimate ones.
Despite the roadblocks to exploitation, security experts say that publicly-released PoC exploits can pave the way for future exploitation of CVE-2020-0601 by adversaries.
News URL
https://threatpost.com/poc-exploits-published-for-microsoft-crypto-bug/151931/
Related news
- Cisco warns of denial of service flaw with PoC exploit code (source)
- Canadian charged with stealing $65 million using DeFI crypto exploits (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- SonicWall firewall bug leveraged in attacks after PoC exploit release (source)
- Microsoft spots XCSSET macOS malware variant used for crypto theft (source)
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159) (source)
- ⚡ THN Weekly Recap: Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-14 | CVE-2020-0601 | Improper Certificate Validation vulnerability in multiple products A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'. | 8.1 |