CVE-2023-35373

Mono Authenticode Validation Spoofing Vulnerability...

CVE-2023-35373

Mono Authenticode Validation Spoofing Vulnerability...

Spoofing

Mono Authenticode Validation Spoofing Vulnerability...

CVE-2023-35373 Mono Authenticode Validation Spoofing Vulnerability

...

CVE-2023-35373

CVE-2023-35373 corresponds to a Mono Authenticode Validation Spoofing vulnerability. Connected sources confirm a spoofing impact (pretending to be another user) affecting Mono Authenticode Validation, with a base CVSSv3.1 score around 5.3 (Medium) and an attack vector of network, high attack comp...

CVE-2023-35373 Mono Authenticode Validation Spoofing Vulnerability

...

Microsoft Windows Authenticode 安全漏洞

Microsoft Windows Authenticode is a code-signing technology from Microsoft Corporation USA that identifies the publisher of Authenticode-signed software. A security vulnerability exists in Microsoft Windows Authenticode. An attacker exploits this vulnerability to perform spoofing attacks...

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in several Developer Tools. A malicious person with access to the development environment can exploit the vulnerabilities to exploit attacks that could lead to the following categories of damage: Bypassing security measure. Remote code execution User rights...

PT-2023-18387 · Unknown · Velociraptor

Name of the Vulnerable Software and Affected Versions: Velociraptor versions prior to 0.6.8 Description: The issue is caused by insufficient validation in the PE and OLE parsers, allowing an attacker to crash Velociraptor during parsing of maliciously malformed files. For this attack to succeed,...

CVE-2023-25718

In ConnectWise Control through 22.9.10032 formerly known as ScreenConnect, after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a different attacker-controlled executable file. It is...

Privilege escalation

DISPUTED In ConnectWise Control through 22.9.10032 formerly known as ScreenConnect, after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a different attacker-controlled executable fil...

CVE-2023-25718

In ConnectWise Control through 22.9.10032 formerly known as ScreenConnect, after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a different attacker-controlled executable file. It is...

Unofficial Patch Released for New Actively Exploited Windows MotW Vulnerability

An unofficial patch has been made available for an actively exploited security flaw in Microsoft Windows that makes it possible for files signed with malformed signatures to sneak past Mark-of-the-Web MotW protections. The fix, released by 0patch, arrives weeks after HP Wolf Security disclosed a...

Malformed signature trick can bypass Mark of the Web

Mark of the Web MOTW--the technology that ensures Windows pops a warning message when trying to open a file downloaded from the Internet--is back in the news, but unfortunately not in a good way. Bleeping Computer reports that a recently uncovered but somewhat old bug has been unearthed which hel...

The vulnerability relates to the signature verification function of Authenticode for the Windows operating system, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Authenticode signature verification function in the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability

The Authenticode Signature Verification function in Microsoft Windows WinVerifyTrust does not properly validate the digest of a signed portable executable PE file, which allows user-assisted remote attackers to execute code...

The vulnerability of the WinVerifyTrust function in the Windows operating system, allowing a hacker to execute arbitrary code

The vulnerability of the WinVerifyTrust function in the Windows operating system is related to improper validation of PE files during the verification of Authenticode signatures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created signed PE...

The vulnerability in the implementation of the Windows Authenticode signature technology of the Microsoft Windows operating system allows attackers to perform spoofing attacks.

The vulnerability of the Authenticode signature technology implemented in Microsoft Windows operating systems is related to errors in information presentation by the user interface. Exploiting this vulnerability can allow attackers to perform spoofing attacks...

Microsoft WinVerifyTrust function Remote Code Execution

A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files...

‘Malsmoke’ Exploits Microsoft’s E-Signature Verification

Threat actors are exploiting Microsoft’s digital signature verification to steal user credentials and other sensitive information by delivering the ZLoader malware, which previously has been used to distribute Ryuk and Conti ransomware, researchers have found. Researchers at Check Point Research...