CVE-2020-0601

Summary

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.

Affected Software

VendorProductVersion RangeStatus
MicrosoftWindows10 Version 1803 for 32-bit Systemsaffected
MicrosoftWindows10 Version 1803 for x64-based Systemsaffected
MicrosoftWindows10 Version 1803 for ARM64-based Systemsaffected
MicrosoftWindows10 Version 1809 for 32-bit Systemsaffected
MicrosoftWindows10 Version 1809 for x64-based Systemsaffected
MicrosoftWindows10 Version 1809 for ARM64-based Systemsaffected
MicrosoftWindows10 Version 1709 for 32-bit Systemsaffected
MicrosoftWindows10 Version 1709 for x64-based Systemsaffected
MicrosoftWindows10 Version 1709 for ARM64-based Systemsaffected
MicrosoftWindows10 for 32-bit Systemsaffected
MicrosoftWindows10 for x64-based Systemsaffected
MicrosoftWindows10 Version 1607 for 32-bit Systemsaffected
MicrosoftWindows10 Version 1607 for x64-based Systemsaffected
MicrosoftWindows Serverversion 1803 (Core Installation)affected
MicrosoftWindows Server2019affected
MicrosoftWindows Server2019 (Core installation)affected
MicrosoftWindows Server2016affected
MicrosoftWindows Server2016 (Core installation)affected
MicrosoftWindows 10 Version 1903 for 32-bit Systemsunspecifiedaffected
MicrosoftWindows 10 Version 1903 for x64-based Systemsunspecifiedaffected
MicrosoftWindows 10 Version 1903 for ARM64-based Systemsunspecifiedaffected
MicrosoftWindows Server, version 1903 (Server Core installation)unspecifiedaffected
MicrosoftWindows 10 Version 1909 for 32-bit Systemsunspecifiedaffected
MicrosoftWindows 10 Version 1909 for x64-based Systemsunspecifiedaffected
MicrosoftWindows Server, version 1909 (Server Core installation)unspecifiedaffected
MicrosoftWindows 10 Version 1909 for ARM64-based Systemsunspecifiedaffected

Weaknesses

  • Spoofing

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: no
    • Technical Impact: total

Additional References

References