CryptoAPI attacks

CVE-2020-0601

Advisory: Windows CryptoAPI Spoofing Vulnerability

Our blog post on CVE-2020-0601 and the PoC.

Our demo website to test if you have the patch installed. (Linux & MacOS users were never impacted.)

CVE-2022-34689

Advisory: Windows CryptoAPI Spoofing Vulnerability

Initial blog post by Akamai Research.

Coming soon.

NorthSec 2023

Slides are in presentation folder.

Notes

After the vulnerability, the usage of explicit parameters have been removed from Openssl:

$ openssl verify -verbose -CAfile ca-rogue.pem client-cert.pem
C = CH, ST = Vaud, L = Lausanne, O = Kudelski Security PoC, OU = Research Team, CN = github.com
error 94 at 1 depth lookup: Certificate public key has explicit ECC parameters
error client-cert.pem: verification failed

See https://lightshipsec.com/explicitly-parameterized-ecdsa-x-509-certificates/ and openssl/openssl#12139.

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
cve-2020-0601		cve-2020-0601
presentation		presentation
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

cve-2020-0601

cve-2020-0601

presentation

presentation

README.md

README.md

Repository files navigation

CryptoAPI attacks

CVE-2020-0601

CVE-2022-34689

NorthSec 2023

Notes

About

Releases

Packages

Contributors 2

Languages

kudelskisecurity/northsec_crypto_api_attacks

Folders and files

Latest commit

History

Repository files navigation

CryptoAPI attacks

CVE-2020-0601

CVE-2022-34689

NorthSec 2023

Notes

About

Resources

Security policy

Stars

Watchers

Forks

Languages