by vicarius
log in join community
by @khurram.arif
29 Oct 2022
#cve_analysis

Write a blog analysis for a CVE

publish

Windows CryptoAPI Spoofing - Certificate Incorrect Validation - CVE-2020-0601

by @khurram.arif
by @khurram.arif
29 Oct 2022
#cve_analysis

Write a blog analysis for a CVE

publish

Windows CryptoAPI Spoofing - Certificate Incorrect Validation - CVE-2020-0601

CVEs

CVE-2020-0601
8.1 High Severity

OS

Windows
WindowsMicrosoft
XP Professional.*
XP Professional.SP2 X64
NT.*
2003 Server.SP2
2003 Server.SP2 X64
2003 Server.SP1 Itanium
2003 Server.SP2 Itanium
2003 Server.SP1
2003 Server.*
1903.*
Windows 10
Windows 10Microsoft
23H2.*
22H2.*
22H2.*
22H2.*
22H2.*
22H2.*
22H2.*
22H2.*
22H2.*
22H2.*
Windows Server 2016
Windows Server 2016Microsoft
10.0.14393.6614.*
10.0.14393.5717.*
20H2.*
1909.*
1903.*
*.*
2019.*
1803.*
1709.*
1607.*
Windows Server 2019
Windows Server 2019Microsoft
10.0.17763.5329.*
10.0.17763.4010.*
18411.*
18409.*
18409.*
18409.2019
1909.*
1903.*
*.*
1809.2019

Apps

G
GOGolang
1.21.0-0.*
0.0.0-20201203163018-Be400aefbc4c.*
2018-07-13.*
2018-09-25.*
*.*
1.12.14.*
1.12.17.*
1.14.12.*
1.14.14.*
1.21.0.*

Screenshots from the blog posts

blog-posts/images/cl9u1m81hfr9q0llg6940djn3.jpgblog-posts/images/cl9u1m81hfr9q0llg6940djn3.jpg

Summary

Web browser security vulnerability - signature certificates using elliptic curve cryptography (ECC) is not correctly verified.

Description

Tags

#Microsoft#CVE-2020-0601#vicarius_blog#CryptoAPI#webbrowser#certificate#certificatevalidation
users/photos/cl9u4ikuuft0d0llg3b78egln.png

@khurram.arif

11 posts

Total vcoins

11.3K

Comments (0)