Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Very High
CVE-2020-0601, aka NSACrypt
Disclosure Date: January 14, 2020 (last updated October 06, 2023)
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
4