Vulnerability Details CVE-2020-0601
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.939
EPSS Ranking 99.9%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 5.8
Proposed Action
Microsoft Windows CryptoAPI (Crypt32.dll) contains a spoofing vulnerability in the way it validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software. The vulnerability is also known under the moniker of CurveBall.
Ransomware Campaign
Unknown
References
- http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html
- http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601
- http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html
- http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601
Products affected by CVE-2020-0601
-
cpe:2.3:a:golang:go:1.12
-
cpe:2.3:a:golang:go:1.12.0
-
cpe:2.3:a:golang:go:1.12.1
-
cpe:2.3:a:golang:go:1.12.10
-
cpe:2.3:a:golang:go:1.12.11
-
cpe:2.3:a:golang:go:1.12.12
-
cpe:2.3:a:golang:go:1.12.13
-
cpe:2.3:a:golang:go:1.12.14
-
cpe:2.3:a:golang:go:1.12.15
-
cpe:2.3:a:golang:go:1.12.2
-
cpe:2.3:a:golang:go:1.12.3
-
cpe:2.3:a:golang:go:1.12.4
-
cpe:2.3:a:golang:go:1.12.5
-
cpe:2.3:a:golang:go:1.12.6
-
cpe:2.3:a:golang:go:1.12.7
-
cpe:2.3:a:golang:go:1.12.8
-
cpe:2.3:a:golang:go:1.12.9
-
cpe:2.3:a:golang:go:1.13
-
cpe:2.3:a:golang:go:1.13.1
-
cpe:2.3:a:golang:go:1.13.2
-
cpe:2.3:a:golang:go:1.13.3
-
cpe:2.3:a:golang:go:1.13.4
-
cpe:2.3:a:golang:go:1.13.5
-
cpe:2.3:a:golang:go:1.13.6
-
cpe:2.3:o:microsoft:windows:-
-
cpe:2.3:o:microsoft:windows_10_1507:-
-
cpe:2.3:o:microsoft:windows_10_1607:-
-
cpe:2.3:o:microsoft:windows_10_1709:-
-
cpe:2.3:o:microsoft:windows_10_1803:-
-
cpe:2.3:o:microsoft:windows_10_1809:-
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1012
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1039
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.107
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1075
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1098
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1131
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1132
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1158
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1192
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1217
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1282
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1294
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1339
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.134
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1369
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1397
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1432
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1457
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1490
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1518
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1554
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1577
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1579
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1613
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1637
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.168
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1697
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1728
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1757
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1790
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1817
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1821
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1823
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1852
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1879
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1911
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1935
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.194
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.195
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1971
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.1999
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2028
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2029
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2061
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2090
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2091
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2114
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2145
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2183
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2213
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2237
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2268
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2300
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2305
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2330
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2366
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2369
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2452
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2458
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2510
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.253
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2565
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2628
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2686
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2746
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2803
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2867
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.292
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2928
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2931
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2989
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3046
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3113
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.316
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3165
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3232
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3287
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3346
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3406
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3469
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.348
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3532
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3534
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3650
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3653
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.379
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.3887
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4010
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.404
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4131
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4252
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.437
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4377
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.439
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4499
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4645
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4737
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.475
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4851
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.4974
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.503
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.504
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.5122
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.529
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.5329
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.55
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.557
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.5576
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.5696
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.5820
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.592
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.593
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.6054
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.615
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.6189
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.6293
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.6414
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.652
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.6532
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.6659
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.6775
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.678
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.6893
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.720
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.737
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.740
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.774
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.775
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.805
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.832
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.864
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.914
-
cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.973
-
cpe:2.3:o:microsoft:windows_10_1903:-
-
cpe:2.3:o:microsoft:windows_10_1909:-
-
cpe:2.3:o:microsoft:windows_server_1803:-
-
cpe:2.3:o:microsoft:windows_server_1903:-
-
cpe:2.3:o:microsoft:windows_server_1909:-
-
cpe:2.3:o:microsoft:windows_server_2016:-
-
cpe:2.3:o:microsoft:windows_server_2019:-