Security News > 2023 > January > Exploit released for critical Windows CryptoAPI spoofing bug

Proof of concept exploit code has been released by Akamai researchers for a critical Windows CryptoAPI vulnerability discovered by the NSA and U.K.'s NCSC allowing MD5-collision certificate spoofing.
Unauthenticated attackers can exploit this bug in low-complexity attacks.
Today, security researchers with the Akamai cloud security firm have published a proof of concept exploit and shared an OSQuery to help defenders detect CryptoAPI library versions vulnerable to attacks.
Should an attack using a CVE-2022-34689 exploit be successful, it could also provide attackers with the ability to perform man-in-the-middle attacks and decrypt confidential information on user connections to the affected software, such as web browsers that use Windows' CryptoAPI cryptography library.
"There is still a lot of code that uses this API and might be exposed to this vulnerability, warranting a patch even for discontinued versions of Windows, like Windows 7. We advise you to patch your Windows servers and endpoints with the latest security patch released by Microsoft," Akamai said.
Exploit released for critical ManageEngine RCE bug, patch now.
News URL
Related news
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373) (source)
- Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk? (source)
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
- EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware (source)
- Mozilla warns Windows users of critical Firefox sandbox escape flaw (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-11 | CVE-2022-34689 | Authentication Bypass by Spoofing vulnerability in Microsoft products Windows CryptoAPI Spoofing Vulnerability | 0.0 |