Back to KEVs

CVE-2020-0601

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker...

Basic Information

CVE State
PUBLISHED
Reserved Date
November 04, 2019
Published Date
January 14, 2020
Last Updated
February 07, 2025
Vendor
Microsoft
Product
Windows, Windows Server, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation), Windows 10 Version 1909 for 32-bit Systems, Windows 10 Version 1909 for x64-based Systems, Windows Server, version 1909 (Server Core installation), Windows 10 Version 1909 for ARM64-based Systems
Description
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.

CVSS Scores

SSVC Information

Exploitation
active
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (added 2021-11-03 00:00:00 UTC) Source
Proof of Concept Available
Yes (added 2020-01-20 02:04:05 UTC) Source

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601 http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html

Known Exploited Vulnerability Information

Source Added Date
CISA 2021-11-03 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

eastmountyxz/CVE-2020-0601-EXP

Type: github • Created: 2020-02-17 15:01:54 UTC • Stars: 30

这资源是作者复现微软签字证书漏洞CVE-2020-0601,结合相关资源及文章实现。推荐大家结合作者博客,理解ECC算法、Windows验证机制,并尝试自己复现可执行文件签名证书和HTTPS劫持的例子。作为网络安全初学者,自己确实很菜,但希望坚持下去,加油!

yanghaoi/CVE-2020-0601

Type: github • Created: 2020-02-03 13:58:07 UTC • Stars: 1

PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll) POC: https://github.com/ollypwn/CurveBall

Ash112121/CVE-2020-0601

Type: github • Created: 2020-01-20 02:04:05 UTC • Stars: 0

IIICTECH/-CVE-2020-0601-ECC---EXPLOIT

Type: github • Created: 2020-01-19 18:20:26 UTC • Stars: 3

CurveBall (CVE-2020-0601) - PoC CVE-2020-0601, or commonly referred to as CurveBall, is a vulnerability in which the signature of certificates using elliptic curve cryptography (ECC) is not correctly verified. Attackers can supply hand-rolled generators, bypassing validation, antivirus & all non-protections.

YoannDqr/CVE-2020-0601

Type: github • Created: 2020-01-17 17:17:55 UTC • Stars: 2

CurveBall CVE exploitation

MarkusZehnle/CVE-2020-0601

Type: github • Created: 2020-01-17 16:24:31 UTC • Stars: 0

BlueTeamSteve/CVE-2020-0601

Type: github • Created: 2020-01-16 12:40:48 UTC • Stars: 1

Curated list of CVE-2020-0601 resources

RrUZi/Awesome-CVE-2020-0601

Type: github • Created: 2020-01-16 02:46:21 UTC • Stars: 5

😂An awesome curated list of repos for CVE-2020-0601.

SherlockSec/CVE-2020-0601

Type: github • Created: 2020-01-15 17:26:58 UTC • Stars: 1

A Windows Crypto Exploit

nissan-sudo/CVE-2020-0601

Type: github • Created: 2020-01-14 23:53:18 UTC • Stars: 2

Remote Code Execution Exploit