Security News > 2020 > January > PoC Exploits Released for Crypto Vulnerability Found by NSA
Several proof-of-concept exploits have already been created - and some of them have been made public - for CVE-2020-0601, the crypto-related Windows vulnerability that Microsoft patched recently after being notified by the U.S. National Security Agency.
Currently, there is no evidence that the vulnerability has been exploited in attacks, but PoC exploits have been created for CVE-2020-0601 much faster than many had anticipated.
One of the first researchers to announce successfully creating an exploit was Saleem Rashid, who published a couple of screenshots apparently showing the vulnerability being used to forge TLS certificates.
While some researchers have yet to make their PoC exploits public, others have done so.
Kudelski Security has argued that it has decided to make its PoC public due to the fact that script kiddies and most cybercriminals do not have the knowledge and resources required to exploit the vulnerability.
News URL
Related news
- Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners (source)
- LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- New Web3 attack exploits transaction simulations to steal crypto (source)
- Cisco warns of denial of service flaw with PoC exploit code (source)
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw (source)
- Canadian charged with stealing $65 million using DeFI crypto exploits (source)
- CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability (source)
- Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability (source)
- SonicWall firewall bug leveraged in attacks after PoC exploit release (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-14 | CVE-2020-0601 | Improper Certificate Validation vulnerability in multiple products A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'. | 8.1 |