AttackerKBAKB:E152B863-E927-4417-BC7B-1472E48FD3A1CVE-2020-0601, aka NSACrypt
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka ‘Windows CryptoAPI Spoofing Vulnerability’.
Recent assessments:
busterb at January 14, 2020 8:26pm UTC reported:
I’m not so sure that @todb-r7’s assessment is completely correct, this affects all the things that validate certs, including TLS in browsers, powershell, etc. So kinda impactful beyond just local code execution, this could be a vector for all kinds of other spoofing.
More info in swiftonsecurity’s thread regarding how this pivots into RCE: <https://threadreaderapp.com/thread/1217159419533893633.html>
The method that should be affected here is <https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certgetcertificatechain> courtesy of <https://twitter.com/hackerfantastic/status/1217211301375696896>
Open source software that uses or exposes this method: https://codesearch.debian.net/search?q=CertGetCertificateChain&literal=1
The exposure of user-defined eliptical curves in TLS certificates created a window of opportunity for this bug to appear, which may have been mitigated if the underlying specification was simpler as well, especially with regards to seldom-used features like this. One may want to look ahead to similar bugs in other dark corners of a TLS implementation near you!
jcran at January 16, 2020 12:31am UTC reported:
I’m not so sure that @todb-r7’s assessment is completely correct, this affects all the things that validate certs, including TLS in browsers, powershell, etc. So kinda impactful beyond just local code execution, this could be a vector for all kinds of other spoofing.
More info in swiftonsecurity’s thread regarding how this pivots into RCE: <https://threadreaderapp.com/thread/1217159419533893633.html>
The method that should be affected here is <https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certgetcertificatechain> courtesy of <https://twitter.com/hackerfantastic/status/1217211301375696896>
Open source software that uses or exposes this method: https://codesearch.debian.net/search?q=CertGetCertificateChain&literal=1
The exposure of user-defined eliptical curves in TLS certificates created a window of opportunity for this bug to appear, which may have been mitigated if the underlying specification was simpler as well, especially with regards to seldom-used features like this. One may want to look ahead to similar bugs in other dark corners of a TLS implementation near you!
todb-r7 at January 14, 2020 8:20pm UTC reported:
I’m not so sure that @todb-r7’s assessment is completely correct, this affects all the things that validate certs, including TLS in browsers, powershell, etc. So kinda impactful beyond just local code execution, this could be a vector for all kinds of other spoofing.
More info in swiftonsecurity’s thread regarding how this pivots into RCE: <https://threadreaderapp.com/thread/1217159419533893633.html>
The method that should be affected here is <https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certgetcertificatechain> courtesy of <https://twitter.com/hackerfantastic/status/1217211301375696896>
Open source software that uses or exposes this method: https://codesearch.debian.net/search?q=CertGetCertificateChain&literal=1
The exposure of user-defined eliptical curves in TLS certificates created a window of opportunity for this bug to appear, which may have been mitigated if the underlying specification was simpler as well, especially with regards to seldom-used features like this. One may want to look ahead to similar bugs in other dark corners of a TLS implementation near you!
bwatters-r7 at January 23, 2020 8:45pm UTC reported:
I’m not so sure that @todb-r7’s assessment is completely correct, this affects all the things that validate certs, including TLS in browsers, powershell, etc. So kinda impactful beyond just local code execution, this could be a vector for all kinds of other spoofing.
More info in swiftonsecurity’s thread regarding how this pivots into RCE: <https://threadreaderapp.com/thread/1217159419533893633.html>
The method that should be affected here is <https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certgetcertificatechain> courtesy of <https://twitter.com/hackerfantastic/status/1217211301375696896>
Open source software that uses or exposes this method: https://codesearch.debian.net/search?q=CertGetCertificateChain&literal=1
The exposure of user-defined eliptical curves in TLS certificates created a window of opportunity for this bug to appear, which may have been mitigated if the underlying specification was simpler as well, especially with regards to seldom-used features like this. One may want to look ahead to similar bugs in other dark corners of a TLS implementation near you!
hrbrmstr at January 15, 2020 7:16pm UTC reported:
I’m not so sure that @todb-r7’s assessment is completely correct, this affects all the things that validate certs, including TLS in browsers, powershell, etc. So kinda impactful beyond just local code execution, this could be a vector for all kinds of other spoofing.
More info in swiftonsecurity’s thread regarding how this pivots into RCE: <https://threadreaderapp.com/thread/1217159419533893633.html>
The method that should be affected here is <https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certgetcertificatechain> courtesy of <https://twitter.com/hackerfantastic/status/1217211301375696896>
Open source software that uses or exposes this method: https://codesearch.debian.net/search?q=CertGetCertificateChain&literal=1
The exposure of user-defined eliptical curves in TLS certificates created a window of opportunity for this bug to appear, which may have been mitigated if the underlying specification was simpler as well, especially with regards to seldom-used features like this. One may want to look ahead to similar bugs in other dark corners of a TLS implementation near you!
wvu-r7 at January 15, 2020 12:29am UTC reported:
I’m not so sure that @todb-r7’s assessment is completely correct, this affects all the things that validate certs, including TLS in browsers, powershell, etc. So kinda impactful beyond just local code execution, this could be a vector for all kinds of other spoofing.
More info in swiftonsecurity’s thread regarding how this pivots into RCE: <https://threadreaderapp.com/thread/1217159419533893633.html>
The method that should be affected here is <https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certgetcertificatechain> courtesy of <https://twitter.com/hackerfantastic/status/1217211301375696896>
Open source software that uses or exposes this method: https://codesearch.debian.net/search?q=CertGetCertificateChain&literal=1
The exposure of user-defined eliptical curves in TLS certificates created a window of opportunity for this bug to appear, which may have been mitigated if the underlying specification was simpler as well, especially with regards to seldom-used features like this. One may want to look ahead to similar bugs in other dark corners of a TLS implementation near you!
gwillcox-r7 at October 20, 2020 7:04pm UTC reported:
I’m not so sure that @todb-r7’s assessment is completely correct, this affects all the things that validate certs, including TLS in browsers, powershell, etc. So kinda impactful beyond just local code execution, this could be a vector for all kinds of other spoofing.
More info in swiftonsecurity’s thread regarding how this pivots into RCE: <https://threadreaderapp.com/thread/1217159419533893633.html>
The method that should be affected here is <https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certgetcertificatechain> courtesy of <https://twitter.com/hackerfantastic/status/1217211301375696896>
Open source software that uses or exposes this method: https://codesearch.debian.net/search?q=CertGetCertificateChain&literal=1
The exposure of user-defined eliptical curves in TLS certificates created a window of opportunity for this bug to appear, which may have been mitigated if the underlying specification was simpler as well, especially with regards to seldom-used features like this. One may want to look ahead to similar bugs in other dark corners of a TLS implementation near you!
Assessed Attacker Value: 5
Assessed Attacker Value: 5Assessed Attacker Value: 3
References
packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html
packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0601
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601
Related
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N