Vulnerability-Lookup

CVE-2020-0601 (GCVE-0-2020-0601)

Vulnerability from cvelistv5 – Published: 2020-01-14 23:11 – Updated: 2025-10-21 23:35

CISA KEV

Summary

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.

Severity ?

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE

Spoofing

Assigner

microsoft

References

URL

Tags

	https://portal.msrc.microsoft.com/en-US/security-…	x_refsource_MISC
	http://packetstormsecurity.com/files/155961/Curve…	x_refsource_MISC
	http://packetstormsecurity.com/files/155960/Curve…	x_refsource_MISC

Impacted products

Vendor

Product

Version

Microsoft

Windows

Affected: 10 Version 1803 for 32-bit Systems
Affected: 10 Version 1803 for x64-based Systems
Affected: 10 Version 1803 for ARM64-based Systems
Affected: 10 Version 1809 for 32-bit Systems
Affected: 10 Version 1809 for x64-based Systems
Affected: 10 Version 1809 for ARM64-based Systems
Affected: 10 Version 1709 for 32-bit Systems
Affected: 10 Version 1709 for x64-based Systems
Affected: 10 Version 1709 for ARM64-based Systems
Affected: 10 for 32-bit Systems
Affected: 10 for x64-based Systems
Affected: 10 Version 1607 for 32-bit Systems
Affected: 10 Version 1607 for x64-based Systems

Microsoft	Windows Server	Affected: version 1803 (Core Installation) Affected: 2019 Affected: 2019 (Core installation) Affected: 2016 Affected: 2016 (Core installation)
Microsoft	Windows 10 Version 1903 for 32-bit Systems	Affected: unspecified
Microsoft	Windows 10 Version 1903 for x64-based Systems	Affected: unspecified
Microsoft	Windows 10 Version 1903 for ARM64-based Systems	Affected: unspecified
Microsoft	Windows Server, version 1903 (Server Core installation)	Affected: unspecified
Microsoft	Windows 10 Version 1909 for 32-bit Systems	Affected: unspecified
Microsoft	Windows 10 Version 1909 for x64-based Systems	Affected: unspecified
Microsoft	Windows Server, version 1909 (Server Core installation)	Affected: unspecified
Microsoft	Windows 10 Version 1909 for ARM64-based Systems	Affected: unspecified

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 00f1230b-e4ab-4a57-82b6-37ca92fc5626

Vulnerability ID: CVE-2020-0601

Status: Confirmed

Status Updated: 2021-11-03 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2021-11-03

Asserted: 2021-11-03

Scope

Notes: KEV entry: Microsoft Windows CryptoAPI Spoofing Vulnerability | Affected: Microsoft / Windows | Description: Microsoft Windows CryptoAPI (Crypt32.dll) contains a spoofing vulnerability in the way it validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software. The vulnerability is also known under the moniker of CurveBall. | Required action: Apply updates per vendor instructions. | Due date: 2022-05-03 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): Reference CISA's ED 20-02 (https://www.cisa.gov/news-events/directives/ed-20-02-mitigate-windows-vulnerabilities-january-2020-patch-tuesday) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 20-02. https://nvd.nist.gov/vuln/detail/CVE-2020-0601

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details

Cwes	CWE-295
Feed	CISA Known Exploited Vulnerabilities Catalog
Product	Windows
Due Date	2022-05-03
Date Added	2021-11-03
Vendorproject	Microsoft
Vulnerabilityname	Microsoft Windows CryptoAPI Spoofing Vulnerability
Knownransomwarecampaignuse	Unknown

References

CVE-2020-0601

Created: 2026-02-02 12:28 UTC | Updated: 2026-02-02 12:28 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:11:04.613Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 8.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2020-0601",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-07T15:27:42.659796Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0601"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-295",
                "description": "CWE-295 Improper Certificate Validation",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:35:53.978Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0601"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-03T00:00:00+00:00",
            "value": "CVE-2020-0601 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Windows",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "10 Version 1803 for 32-bit Systems"
            },
            {
              "status": "affected",
              "version": "10 Version 1803 for x64-based Systems"
            },
            {
              "status": "affected",
              "version": "10 Version 1803 for ARM64-based Systems"
            },
            {
              "status": "affected",
              "version": "10 Version 1809 for 32-bit Systems"
            },
            {
              "status": "affected",
              "version": "10 Version 1809 for x64-based Systems"
            },
            {
              "status": "affected",
              "version": "10 Version 1809 for ARM64-based Systems"
            },
            {
              "status": "affected",
              "version": "10 Version 1709 for 32-bit Systems"
            },
            {
              "status": "affected",
              "version": "10 Version 1709 for x64-based Systems"
            },
            {
              "status": "affected",
              "version": "10 Version 1709 for ARM64-based Systems"
            },
            {
              "status": "affected",
              "version": "10 for 32-bit Systems"
            },
            {
              "status": "affected",
              "version": "10 for x64-based Systems"
            },
            {
              "status": "affected",
              "version": "10 Version 1607 for 32-bit Systems"
            },
            {
              "status": "affected",
              "version": "10 Version 1607 for x64-based Systems"
            }
          ]
        },
        {
          "product": "Windows Server",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "version 1803  (Core Installation)"
            },
            {
              "status": "affected",
              "version": "2019"
            },
            {
              "status": "affected",
              "version": "2019  (Core installation)"
            },
            {
              "status": "affected",
              "version": "2016"
            },
            {
              "status": "affected",
              "version": "2016  (Core installation)"
            }
          ]
        },
        {
          "product": "Windows 10 Version 1903 for 32-bit Systems",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        },
        {
          "product": "Windows 10 Version 1903 for x64-based Systems",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        },
        {
          "product": "Windows 10 Version 1903 for ARM64-based Systems",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        },
        {
          "product": "Windows Server, version 1903 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        },
        {
          "product": "Windows 10 Version 1909 for 32-bit Systems",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        },
        {
          "product": "Windows 10 Version 1909 for x64-based Systems",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        },
        {
          "product": "Windows Server, version 1909 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        },
        {
          "product": "Windows 10 Version 1909 for ARM64-based Systems",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka \u0027Windows CryptoAPI Spoofing Vulnerability\u0027."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Spoofing",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-16T17:06:04.000Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2020-0601",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10 Version 1803 for 32-bit Systems"
                          },
                          {
                            "version_value": "10 Version 1803 for x64-based Systems"
                          },
                          {
                            "version_value": "10 Version 1803 for ARM64-based Systems"
                          },
                          {
                            "version_value": "10 Version 1809 for 32-bit Systems"
                          },
                          {
                            "version_value": "10 Version 1809 for x64-based Systems"
                          },
                          {
                            "version_value": "10 Version 1809 for ARM64-based Systems"
                          },
                          {
                            "version_value": "10 Version 1709 for 32-bit Systems"
                          },
                          {
                            "version_value": "10 Version 1709 for x64-based Systems"
                          },
                          {
                            "version_value": "10 Version 1709 for ARM64-based Systems"
                          },
                          {
                            "version_value": "10 for 32-bit Systems"
                          },
                          {
                            "version_value": "10 for x64-based Systems"
                          },
                          {
                            "version_value": "10 Version 1607 for 32-bit Systems"
                          },
                          {
                            "version_value": "10 Version 1607 for x64-based Systems"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Windows Server",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "version 1803  (Core Installation)"
                          },
                          {
                            "version_value": "2019"
                          },
                          {
                            "version_value": "2019  (Core installation)"
                          },
                          {
                            "version_value": "2016"
                          },
                          {
                            "version_value": "2016  (Core installation)"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Windows 10 Version 1903 for 32-bit Systems",
                      "version": {
                        "version_data": [
                          {
                            "version_value": ""
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Windows 10 Version 1903 for x64-based Systems",
                      "version": {
                        "version_data": [
                          {
                            "version_value": ""
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Windows 10 Version 1903 for ARM64-based Systems",
                      "version": {
                        "version_data": [
                          {
                            "version_value": ""
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Windows Server, version 1903 (Server Core installation)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": ""
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Windows 10 Version 1909 for 32-bit Systems",
                      "version": {
                        "version_data": [
                          {
                            "version_value": ""
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Windows 10 Version 1909 for x64-based Systems",
                      "version": {
                        "version_data": [
                          {
                            "version_value": ""
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Windows Server, version 1909 (Server Core installation)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": ""
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Windows 10 Version 1909 for ARM64-based Systems",
                      "version": {
                        "version_data": [
                          {
                            "version_value": ""
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Microsoft"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka \u0027Windows CryptoAPI Spoofing Vulnerability\u0027."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Spoofing"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601",
              "refsource": "MISC",
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601"
            },
            {
              "name": "http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2020-0601",
    "datePublished": "2020-01-14T23:11:20.000Z",
    "dateReserved": "2019-11-04T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:35:53.978Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2020-0601",
      "cwes": "[\"CWE-295\"]",
      "dateAdded": "2021-11-03",
      "dueDate": "2022-05-03",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "Reference CISA\u0027s ED 20-02 (https://www.cisa.gov/news-events/directives/ed-20-02-mitigate-windows-vulnerabilities-january-2020-patch-tuesday) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 20-02. https://nvd.nist.gov/vuln/detail/CVE-2020-0601",
      "product": "Windows",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Microsoft Windows CryptoAPI (Crypt32.dll) contains a spoofing vulnerability in the way it validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software. The vulnerability is also known under the moniker of CurveBall.",
      "vendorProject": "Microsoft",
      "vulnerabilityName": "Microsoft Windows CryptoAPI Spoofing Vulnerability"
    },
    "fkie_nvd": {
      "cisaActionDue": "2020-01-29",
      "cisaExploitAdd": "2021-11-03",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "Microsoft Windows CryptoAPI Spoofing Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"21540673-614A-4D40-8BD7-3F07723803B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83B14968-3985-43C3-ACE5-8307196EFAE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7CB85C75-4D35-480E-843D-60579EC75FCB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B8F3DD2-A145-4AF1-8545-CC42892DA3D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3FB5CDAE-C713-4D9D-9D6A-2C2E8924A4BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9273B95-20ED-4547-B0A8-95AD15B30372\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CAACE735-003E-4ACB-A82E-C0CF97D7F013\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B921FDB-8E7D-427E-82BE-4432585080CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C253A63F-03AB-41CB-A03A-B2674DEA98AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB79EE26-FC32-417D-A49C-A1A63165A968\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.12\", \"versionEndExcluding\": \"1.12.16\", \"matchCriteriaId\": \"CA6E96C9-FEC1-4174-AB7D-783DF8EC2097\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.13\", \"versionEndExcluding\": \"1.13.7\", \"matchCriteriaId\": \"9C8D6C09-AF12-4600-9C21-4F7A46CC78D8\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka \u0027Windows CryptoAPI Spoofing Vulnerability\u0027.\"}, {\"lang\": \"es\", \"value\": \"Se presenta una vulnerabilidad de suplantaci\\u00f3n de identidad en la manera en que Windows CryptoAPI (Crypt32.dll) comprueba los certificados Elliptic Curve Cryptography (ECC). Un atacante podr\\u00eda explotar la vulnerabilidad mediante el uso de un certificado de firma de c\\u00f3digo falsificado para firmar un ejecutable malicioso, haciendo que parezca que el archivo era de una fuente confiable y leg\\u00edtima, tambi\\u00e9n se conoce como \\\"Windows CryptoAPI Spoofing Vulnerability\\\".\"}]",
      "id": "CVE-2020-0601",
      "lastModified": "2024-11-21T04:53:50.097",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N\", \"baseScore\": 8.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.2}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:N\", \"baseScore\": 5.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2020-01-14T23:15:30.207",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@microsoft.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-295\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-0601\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2020-01-14T23:15:30.207\",\"lastModified\":\"2025-10-29T14:33:49.467\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka \u0027Windows CryptoAPI Spoofing Vulnerability\u0027.\"},{\"lang\":\"es\",\"value\":\"Se presenta una vulnerabilidad de suplantaci\u00f3n de identidad en la manera en que Windows CryptoAPI (Crypt32.dll) comprueba los certificados Elliptic Curve Cryptography (ECC). Un atacante podr\u00eda explotar la vulnerabilidad mediante el uso de un certificado de firma de c\u00f3digo falsificado para firmar un ejecutable malicioso, haciendo que parezca que el archivo era de una fuente confiable y leg\u00edtima, tambi\u00e9n se conoce como \\\"Windows CryptoAPI Spoofing Vulnerability\\\".\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":5.2},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":5.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:N\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"cisaExploitAdd\":\"2021-11-03\",\"cisaActionDue\":\"2020-01-29\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Microsoft Windows CryptoAPI Spoofing Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"A045AC0A-471E-444C-B3B0-4CABC23E8CFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*\",\"matchCriteriaId\":\"28A7FEE9-B473-48A0-B0ED-A5CC1E44194C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"5E491E46-1917-41FE-8F9A-BB0BDDEB42C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*\",\"matchCriteriaId\":\"0A1BC97A-263E-4291-8AEF-02EE4E6031E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:arm64:*\",\"matchCriteriaId\":\"555C22C7-356D-4DA7-8CED-DA7423BBC6CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"469F95D3-ABBB-4F1A-A000-BE0F6BD60FF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:x86:*\",\"matchCriteriaId\":\"D76003FB-EE99-4D8E-B6A0-B13C2041E5A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:arm64:*\",\"matchCriteriaId\":\"40151476-C0FD-4336-8194-039E8827B7C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"D82F8AF7-ED01-4649-849E-F248F0E02384\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:x86:*\",\"matchCriteriaId\":\"C1CFB53B-B17B-47BD-BAC1-C6C5D168FFB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*\",\"matchCriteriaId\":\"251E413C-68F6-43C6-975C-C0B6AD4D36DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"4C3391B0-C6A6-4F6F-AC1B-AD0927C2C986\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*\",\"matchCriteriaId\":\"112871CE-B37B-454E-AC10-A285D92CCE0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:arm64:*\",\"matchCriteriaId\":\"9E1ED169-6F03-4BD5-B227-5FA54DB40AD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"5C5B5180-1E12-45C2-8275-B9E528955307\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:x86:*\",\"matchCriteriaId\":\"B6A0DB01-49CB-4445-AFE8-57C2186857BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:arm64:*\",\"matchCriteriaId\":\"9285A9B5-4759-43E7-9589-CDBCA7100605\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"0D77EA14-F61D-4B9E-A385-70B88C482116\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:x86:*\",\"matchCriteriaId\":\"1A6FC9EE-D486-4AFE-A20E-4278468A1779\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_1803:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37097C39-D588-4018-B94D-5EB87B1E3D5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_1903:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"530DF8C9-467C-4F4F-9FCA-CDD934BADF3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_1909:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADE7E7B1-64AC-4986-A50B-0918A42C05BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB79EE26-FC32-417D-A49C-A1A63165A968\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.12\",\"versionEndExcluding\":\"1.12.16\",\"matchCriteriaId\":\"CA6E96C9-FEC1-4174-AB7D-783DF8EC2097\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.13\",\"versionEndExcluding\":\"1.13.7\",\"matchCriteriaId\":\"9C8D6C09-AF12-4600-9C21-4F7A46CC78D8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0601\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T06:11:04.613Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2020-0601\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-07T15:27:42.659796Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2021-11-03\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0601\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2021-11-03T00:00:00+00:00\", \"value\": \"CVE-2020-0601 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0601\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-295\", \"description\": \"CWE-295 Improper Certificate Validation\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-07T15:27:09.375Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Windows\", \"versions\": [{\"status\": \"affected\", \"version\": \"10 Version 1803 for 32-bit Systems\"}, {\"status\": \"affected\", \"version\": \"10 Version 1803 for x64-based Systems\"}, {\"status\": \"affected\", \"version\": \"10 Version 1803 for ARM64-based Systems\"}, {\"status\": \"affected\", \"version\": \"10 Version 1809 for 32-bit Systems\"}, {\"status\": \"affected\", \"version\": \"10 Version 1809 for x64-based Systems\"}, {\"status\": \"affected\", \"version\": \"10 Version 1809 for ARM64-based Systems\"}, {\"status\": \"affected\", \"version\": \"10 Version 1709 for 32-bit Systems\"}, {\"status\": \"affected\", \"version\": \"10 Version 1709 for x64-based Systems\"}, {\"status\": \"affected\", \"version\": \"10 Version 1709 for ARM64-based Systems\"}, {\"status\": \"affected\", \"version\": \"10 for 32-bit Systems\"}, {\"status\": \"affected\", \"version\": \"10 for x64-based Systems\"}, {\"status\": \"affected\", \"version\": \"10 Version 1607 for 32-bit Systems\"}, {\"status\": \"affected\", \"version\": \"10 Version 1607 for x64-based Systems\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"version 1803  (Core Installation)\"}, {\"status\": \"affected\", \"version\": \"2019\"}, {\"status\": \"affected\", \"version\": \"2019  (Core installation)\"}, {\"status\": \"affected\", \"version\": \"2016\"}, {\"status\": \"affected\", \"version\": \"2016  (Core installation)\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1903 for 32-bit Systems\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1903 for x64-based Systems\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1903 for ARM64-based Systems\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server, version 1903 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1909 for 32-bit Systems\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1909 for x64-based Systems\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server, version 1909 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1909 for ARM64-based Systems\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\"}]}], \"references\": [{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka \u0027Windows CryptoAPI Spoofing Vulnerability\u0027.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Spoofing\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2020-01-16T17:06:04.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"10 Version 1803 for 32-bit Systems\"}, {\"version_value\": \"10 Version 1803 for x64-based Systems\"}, {\"version_value\": \"10 Version 1803 for ARM64-based Systems\"}, {\"version_value\": \"10 Version 1809 for 32-bit Systems\"}, {\"version_value\": \"10 Version 1809 for x64-based Systems\"}, {\"version_value\": \"10 Version 1809 for ARM64-based Systems\"}, {\"version_value\": \"10 Version 1709 for 32-bit Systems\"}, {\"version_value\": \"10 Version 1709 for x64-based Systems\"}, {\"version_value\": \"10 Version 1709 for ARM64-based Systems\"}, {\"version_value\": \"10 for 32-bit Systems\"}, {\"version_value\": \"10 for x64-based Systems\"}, {\"version_value\": \"10 Version 1607 for 32-bit Systems\"}, {\"version_value\": \"10 Version 1607 for x64-based Systems\"}]}, \"product_name\": \"Windows\"}, {\"version\": {\"version_data\": [{\"version_value\": \"version 1803  (Core Installation)\"}, {\"version_value\": \"2019\"}, {\"version_value\": \"2019  (Core installation)\"}, {\"version_value\": \"2016\"}, {\"version_value\": \"2016  (Core installation)\"}]}, \"product_name\": \"Windows Server\"}, {\"version\": {\"version_data\": [{\"version_value\": \"\"}]}, \"product_name\": \"Windows 10 Version 1903 for 32-bit Systems\"}, {\"version\": {\"version_data\": [{\"version_value\": \"\"}]}, \"product_name\": \"Windows 10 Version 1903 for x64-based Systems\"}, {\"version\": {\"version_data\": [{\"version_value\": \"\"}]}, \"product_name\": \"Windows 10 Version 1903 for ARM64-based Systems\"}, {\"version\": {\"version_data\": [{\"version_value\": \"\"}]}, \"product_name\": \"Windows Server, version 1903 (Server Core installation)\"}, {\"version\": {\"version_data\": [{\"version_value\": \"\"}]}, \"product_name\": \"Windows 10 Version 1909 for 32-bit Systems\"}, {\"version\": {\"version_data\": [{\"version_value\": \"\"}]}, \"product_name\": \"Windows 10 Version 1909 for x64-based Systems\"}, {\"version\": {\"version_data\": [{\"version_value\": \"\"}]}, \"product_name\": \"Windows Server, version 1909 (Server Core installation)\"}, {\"version\": {\"version_data\": [{\"version_value\": \"\"}]}, \"product_name\": \"Windows 10 Version 1909 for ARM64-based Systems\"}]}, \"vendor_name\": \"Microsoft\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601\", \"name\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html\", \"name\": \"http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html\", \"name\": \"http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka \u0027Windows CryptoAPI Spoofing Vulnerability\u0027.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Spoofing\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2020-0601\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secure@microsoft.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2020-0601\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:35:53.978Z\", \"dateReserved\": \"2019-11-04T00:00:00.000Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2020-01-14T23:11:20.000Z\", \"assignerShortName\": \"microsoft\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CNVD-2020-02446

Vulnerability from cnvd - Published: 2020-01-16

Title

Microsoft Windows CryptoAPI欺骗漏洞

Description

Microsoft Windows是美国微软公司发布的视窗操作系统。Microsoft CryptoAPI 是微软提供给开发人员的 Windows 安全服务应用程序接口，可用于加密的应用程序，实现数据加密、解密、签名及验证等功能。 Microsoft Windows CryptoAPI存在欺骗漏洞。该漏洞位于Windows CryptoAPI(Crypt32.dll)验证椭圆曲线加密算法证书的方式，可能影响信任的一些实例包括（不限于）：HTTPS连接、文件签名和电子邮件签名、以用户模式启动的签名可执行程序。攻击者可以利用该漏洞伪造代码签名证书对恶意可执行文件进行签名，从而使该文件看似来自受信任的合法来源。还可能滥用crypt32.dll中的漏洞来欺骗与特定软件相关的数字签名。

Severity

高

Patch Name

Microsoft Windows CryptoAPI欺骗漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601

Reference

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601

Impacted products

Name
['Microsoft Windows 10', 'Microsoft Windows 10 1607', 'Microsoft Windows Server 2016', 'Microsoft Windows 10 1709', 'Microsoft Windows 10 1803', 'Microsoft Windows Server 1803', 'Microsoft Windows Server 2019', 'Microsoft Windows 10 1809', 'Microsoft Windows 10 1903', 'Microsoft Windows Server 1903', 'Microsoft Windows Server 1909']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-0601"
    }
  },
  "description": "Microsoft Windows\u662f\u7f8e\u56fd\u5fae\u8f6f\u516c\u53f8\u53d1\u5e03\u7684\u89c6\u7a97\u64cd\u4f5c\u7cfb\u7edf\u3002Microsoft CryptoAPI \u662f\u5fae\u8f6f\u63d0\u4f9b\u7ed9\u5f00\u53d1\u4eba\u5458\u7684 Windows \u5b89\u5168\u670d\u52a1\u5e94\u7528\u7a0b\u5e8f\u63a5\u53e3\uff0c\u53ef\u7528\u4e8e\u52a0\u5bc6\u7684\u5e94\u7528\u7a0b\u5e8f\uff0c\u5b9e\u73b0\u6570\u636e\u52a0\u5bc6\u3001\u89e3\u5bc6\u3001\u7b7e\u540d\u53ca\u9a8c\u8bc1\u7b49\u529f\u80fd\u3002\n\nMicrosoft Windows CryptoAPI\u5b58\u5728\u6b3a\u9a97\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u4f4d\u4e8eWindows CryptoAPI(Crypt32.dll)\u9a8c\u8bc1\u692d\u5706\u66f2\u7ebf\u52a0\u5bc6\u7b97\u6cd5\u8bc1\u4e66\u7684\u65b9\u5f0f\uff0c\u53ef\u80fd\u5f71\u54cd\u4fe1\u4efb\u7684\u4e00\u4e9b\u5b9e\u4f8b\u5305\u62ec\uff08\u4e0d\u9650\u4e8e\uff09\uff1aHTTPS\u8fde\u63a5\u3001\u6587\u4ef6\u7b7e\u540d\u548c\u7535\u5b50\u90ae\u4ef6\u7b7e\u540d\u3001\u4ee5\u7528\u6237\u6a21\u5f0f\u542f\u52a8\u7684\u7b7e\u540d\u53ef\u6267\u884c\u7a0b\u5e8f\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u4f2a\u9020\u4ee3\u7801\u7b7e\u540d\u8bc1\u4e66\u5bf9\u6076\u610f\u53ef\u6267\u884c\u6587\u4ef6\u8fdb\u884c\u7b7e\u540d\uff0c\u4ece\u800c\u4f7f\u8be5\u6587\u4ef6\u770b\u4f3c\u6765\u81ea\u53d7\u4fe1\u4efb\u7684\u5408\u6cd5\u6765\u6e90\u3002\u8fd8\u53ef\u80fd\u6ee5\u7528crypt32.dll\u4e2d\u7684\u6f0f\u6d1e\u6765\u6b3a\u9a97\u4e0e\u7279\u5b9a\u8f6f\u4ef6\u76f8\u5173\u7684\u6570\u5b57\u7b7e\u540d\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-02446",
  "openTime": "2020-01-16",
  "patchDescription": "Microsoft Windows\u662f\u7f8e\u56fd\u5fae\u8f6f\u516c\u53f8\u53d1\u5e03\u7684\u89c6\u7a97\u64cd\u4f5c\u7cfb\u7edf\u3002Microsoft CryptoAPI \u662f\u5fae\u8f6f\u63d0\u4f9b\u7ed9\u5f00\u53d1\u4eba\u5458\u7684 Windows \u5b89\u5168\u670d\u52a1\u5e94\u7528\u7a0b\u5e8f\u63a5\u53e3\uff0c\u53ef\u7528\u4e8e\u52a0\u5bc6\u7684\u5e94\u7528\u7a0b\u5e8f\uff0c\u5b9e\u73b0\u6570\u636e\u52a0\u5bc6\u3001\u89e3\u5bc6\u3001\u7b7e\u540d\u53ca\u9a8c\u8bc1\u7b49\u529f\u80fd\u3002\r\n\r\nMicrosoft Windows CryptoAPI\u5b58\u5728\u6b3a\u9a97\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u4f4d\u4e8eWindows CryptoAPI(Crypt32.dll)\u9a8c\u8bc1\u692d\u5706\u66f2\u7ebf\u52a0\u5bc6\u7b97\u6cd5\u8bc1\u4e66\u7684\u65b9\u5f0f\uff0c\u53ef\u80fd\u5f71\u54cd\u4fe1\u4efb\u7684\u4e00\u4e9b\u5b9e\u4f8b\u5305\u62ec\uff08\u4e0d\u9650\u4e8e\uff09\uff1aHTTPS\u8fde\u63a5\u3001\u6587\u4ef6\u7b7e\u540d\u548c\u7535\u5b50\u90ae\u4ef6\u7b7e\u540d\u3001\u4ee5\u7528\u6237\u6a21\u5f0f\u542f\u52a8\u7684\u7b7e\u540d\u53ef\u6267\u884c\u7a0b\u5e8f\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u4f2a\u9020\u4ee3\u7801\u7b7e\u540d\u8bc1\u4e66\u5bf9\u6076\u610f\u53ef\u6267\u884c\u6587\u4ef6\u8fdb\u884c\u7b7e\u540d\uff0c\u4ece\u800c\u4f7f\u8be5\u6587\u4ef6\u770b\u4f3c\u6765\u81ea\u53d7\u4fe1\u4efb\u7684\u5408\u6cd5\u6765\u6e90\u3002\u8fd8\u53ef\u80fd\u6ee5\u7528crypt32.dll\u4e2d\u7684\u6f0f\u6d1e\u6765\u6b3a\u9a97\u4e0e\u7279\u5b9a\u8f6f\u4ef6\u76f8\u5173\u7684\u6570\u5b57\u7b7e\u540d\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft Windows CryptoAPI\u6b3a\u9a97\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft Windows 10",
      "Microsoft Windows 10 1607",
      "Microsoft Windows Server 2016",
      "Microsoft Windows 10 1709",
      "Microsoft Windows 10 1803",
      "Microsoft Windows Server 1803",
      "Microsoft Windows Server 2019",
      "Microsoft Windows 10 1809",
      "Microsoft Windows 10 1903",
      "Microsoft Windows Server 1903",
      "Microsoft Windows Server 1909"
    ]
  },
  "referenceLink": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601",
  "serverity": "\u9ad8",
  "submitTime": "2020-01-16",
  "title": "Microsoft Windows CryptoAPI\u6b3a\u9a97\u6f0f\u6d1e"
}

CERTFR-2020-AVI-026

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Microsoft Windows. Elles permettent à un attaquant de provoquer une exécution de code à distance, une atteinte à la confidentialité des données, une élévation de privilèges, un contournement de la fonctionnalité de sécurité et un déni de service.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows Server 2012
Microsoft	Windows	Windows 10 pour systèmes x64
Microsoft	Windows	Windows 10 Version 1909 pour ARM64-based Systems
Microsoft	Windows	Windows 10 Version 1809 pour systèmes x64
Microsoft	Windows	Windows 10 Version 1909 pour systèmes x64
Microsoft	Windows	Windows 10 Version 1903 pour systèmes x64
Microsoft	Windows	Windows Server 2019 (Server Core installation)
Microsoft	Windows	Windows Server 2019
Microsoft	Windows	Windows Server 2012 R2
Microsoft	Windows	Windows Server 2008 R2 pour systèmes Itanium Service Pack 1
Microsoft	Windows	Windows 10 Version 1803 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 1607 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 1803 pour systèmes x64
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2
Microsoft	Windows	Windows 10 Version 1809 pour systèmes 32 bits
Microsoft	Windows	Windows Server, version 1803 (Server Core Installation)
Microsoft	Windows	Windows 10 Version 1709 pour systèmes 32 bits
Microsoft	Windows	Windows Server 2016 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1903 pour systèmes 32 bits
Microsoft	Windows	Windows RT 8.1
Microsoft	Windows	Windows 7 pour systèmes x64 Service Pack 1
Microsoft	Windows	Windows 10 Version 1809 pour ARM64-based Systems
Microsoft	Windows	Windows 10 Version 1709 pour ARM64-based Systems
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1909 pour systèmes 32 bits
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1607 pour systèmes x64
Microsoft	Windows	Windows Server 2012 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1803 pour ARM64-based Systems
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1
Microsoft	Windows	Windows Server, version 1909 (Server Core installation)
Microsoft	Windows	Windows 8.1 pour systèmes x64
Microsoft	Windows	Windows Server 2016
Microsoft	Windows	Windows Server 2008 pour systèmes Itanium Service Pack 2
Microsoft	Windows	Windows 10 Version 1903 pour ARM64-based Systems
Microsoft	Windows	Windows 8.1 pour systèmes 32 bits
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation)
Microsoft	Windows	Windows Server 2012 R2 (Server Core installation)
Microsoft	Windows	Windows 10 pour systèmes 32 bits
Microsoft	Windows	Windows 7 pour systèmes 32 bits Service Pack 1
Microsoft	Windows	Windows Server, version 1903 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1709 pour systèmes x64

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft du 14 janvier 2020

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Server 2012",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1909 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1909 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1903 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes Itanium Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1803 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1803 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server, version 1803 (Server Core Installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1709 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1903 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows RT 8.1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7 pour syst\u00e8mes x64 Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1709 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1909 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1803 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server, version 1909 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 8.1 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes Itanium Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1903 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 8.1 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7 pour syst\u00e8mes 32 bits Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server, version 1903 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1709 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-0625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0625"
    },
    {
      "name": "CVE-2020-0634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0634"
    },
    {
      "name": "CVE-2020-0628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0628"
    },
    {
      "name": "CVE-2020-0621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0621"
    },
    {
      "name": "CVE-2020-0637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0637"
    },
    {
      "name": "CVE-2020-0627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0627"
    },
    {
      "name": "CVE-2020-0639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0639"
    },
    {
      "name": "CVE-2020-0633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0633"
    },
    {
      "name": "CVE-2020-0644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0644"
    },
    {
      "name": "CVE-2020-0630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0630"
    },
    {
      "name": "CVE-2020-0632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0632"
    },
    {
      "name": "CVE-2020-0642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0642"
    },
    {
      "name": "CVE-2020-0623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0623"
    },
    {
      "name": "CVE-2020-0613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0613"
    },
    {
      "name": "CVE-2020-0601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0601"
    },
    {
      "name": "CVE-2020-0612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0612"
    },
    {
      "name": "CVE-2020-0624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0624"
    },
    {
      "name": "CVE-2020-0631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0631"
    },
    {
      "name": "CVE-2020-0641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0641"
    },
    {
      "name": "CVE-2020-0609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0609"
    },
    {
      "name": "CVE-2020-0607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0607"
    },
    {
      "name": "CVE-2020-0629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0629"
    },
    {
      "name": "CVE-2020-0617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0617"
    },
    {
      "name": "CVE-2020-0616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0616"
    },
    {
      "name": "CVE-2020-0608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0608"
    },
    {
      "name": "CVE-2020-0611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0611"
    },
    {
      "name": "CVE-2020-0643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0643"
    },
    {
      "name": "CVE-2020-0610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0610"
    },
    {
      "name": "CVE-2020-0635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0635"
    },
    {
      "name": "CVE-2020-0620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0620"
    },
    {
      "name": "CVE-2020-0626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0626"
    },
    {
      "name": "CVE-2020-0614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0614"
    },
    {
      "name": "CVE-2020-0615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0615"
    },
    {
      "name": "CVE-2020-0638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0638"
    },
    {
      "name": "CVE-2020-0636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0636"
    },
    {
      "name": "CVE-2020-0622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0622"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-026",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-01-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Windows\u003c/span\u003e. Elles permettent \u00e0 un attaquant\nde provoquer une ex\u00e9cution de code \u00e0 distance, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es, une \u00e9l\u00e9vation de privil\u00e8ges, un\ncontournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9 et un d\u00e9ni de service.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 14 janvier 2020",
      "url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance"
    }
  ]
}

CERTFR-2021-AVI-772

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Schneider. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	IGSS Data Collector (dc.exe) versions antérieures à V15.0.0.21244
N/A	N/A	fellerLYnk versions antérieures à V2.6.2
N/A	N/A	micrologiciel TM5CSLC100FS version antérieures v2.57
N/A	N/A	Conext Advisor 2 Gateway
N/A	N/A	spaceLYnk versions antérieures à V2.6.2
N/A	N/A	micrologiciel TM5NS31 versions antérieures à 2.79
N/A	N/A	Conext Advisor 2 Cloud
N/A	N/A	Wiser for KNX versions antérieures à V2.6.2
N/A	N/A	Modicon M218 logic controller versions antérieures à 5.1.0.8
N/A	N/A	micrologiciel TM5NEIP1 versions antérieures à 3.12
N/A	N/A	ConneXium Network Manager
N/A	N/A	Conext Control V2 Gateway
N/A	N/A	micrologiciel TM5CSLC200FS version antérieures v2.57

References

Title

Publication Time

Tags

Bulletin de sécurité Schneider SEVD-2021-285-04 du 12 octobre 2021	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2021-285-03 du 12 octobre 2021	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2021-285-02 du 12 octobre 2021	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2021-285-05 du 12 octobre 2021	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2021-285-01 du 12 octobre 2021	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2021-285-06 du 12 octobre 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IGSS Data Collector (dc.exe) versions ant\u00e9rieures \u00e0 V15.0.0.21244",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "fellerLYnk versions ant\u00e9rieures \u00e0 V2.6.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "micrologiciel TM5CSLC100FS version ant\u00e9rieures v2.57",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Conext Advisor 2 Gateway",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "spaceLYnk versions ant\u00e9rieures \u00e0 V2.6.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "micrologiciel TM5NS31 versions ant\u00e9rieures \u00e0 2.79",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Conext Advisor 2 Cloud",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Wiser for KNX versions ant\u00e9rieures \u00e0 V2.6.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Modicon M218 logic controller versions ant\u00e9rieures \u00e0 5.1.0.8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "micrologiciel TM5NEIP1 versions ant\u00e9rieures \u00e0 3.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ConneXium Network Manager",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Conext Control V2 Gateway",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "micrologiciel TM5CSLC200FS version ant\u00e9rieures v2.57",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-17438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-17438"
    },
    {
      "name": "CVE-2019-0685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0685"
    },
    {
      "name": "CVE-2020-1472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1472"
    },
    {
      "name": "CVE-2020-0601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0601"
    },
    {
      "name": "CVE-2019-11135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11135"
    },
    {
      "name": "CVE-2019-0803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0803"
    },
    {
      "name": "CVE-2021-22801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22801"
    },
    {
      "name": "CVE-2020-0609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0609"
    },
    {
      "name": "CVE-2021-22802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22802"
    },
    {
      "name": "CVE-2019-0859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0859"
    },
    {
      "name": "CVE-2020-13987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13987"
    },
    {
      "name": "CVE-2020-1020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1020"
    },
    {
      "name": "CVE-2020-0610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0610"
    },
    {
      "name": "CVE-2020-0938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0938"
    },
    {
      "name": "CVE-2020-1350",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1350"
    },
    {
      "name": "CVE-2021-22800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22800"
    },
    {
      "name": "CVE-2021-22804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22804"
    },
    {
      "name": "CVE-2020-0796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0796"
    },
    {
      "name": "CVE-2021-22803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22803"
    },
    {
      "name": "CVE-2021-22806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22806"
    },
    {
      "name": "CVE-2019-1040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1040"
    },
    {
      "name": "CVE-2021-22805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22805"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-772",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-10-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-285-04 du 12 octobre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-04"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-285-03 du 12 octobre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-03"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-285-02 du 12 octobre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-02"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-285-05 du 12 octobre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-05"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-285-01 du 12 octobre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-01"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-285-06 du 12 octobre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-06"
    }
  ]
}

CERTFR-2020-AVI-026

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows Server 2012
Microsoft	Windows	Windows 10 pour systèmes x64
Microsoft	Windows	Windows 10 Version 1909 pour ARM64-based Systems
Microsoft	Windows	Windows 10 Version 1809 pour systèmes x64
Microsoft	Windows	Windows 10 Version 1909 pour systèmes x64
Microsoft	Windows	Windows 10 Version 1903 pour systèmes x64
Microsoft	Windows	Windows Server 2019 (Server Core installation)
Microsoft	Windows	Windows Server 2019
Microsoft	Windows	Windows Server 2012 R2
Microsoft	Windows	Windows Server 2008 R2 pour systèmes Itanium Service Pack 1
Microsoft	Windows	Windows 10 Version 1803 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 1607 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 1803 pour systèmes x64
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2
Microsoft	Windows	Windows 10 Version 1809 pour systèmes 32 bits
Microsoft	Windows	Windows Server, version 1803 (Server Core Installation)
Microsoft	Windows	Windows 10 Version 1709 pour systèmes 32 bits
Microsoft	Windows	Windows Server 2016 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1903 pour systèmes 32 bits
Microsoft	Windows	Windows RT 8.1
Microsoft	Windows	Windows 7 pour systèmes x64 Service Pack 1
Microsoft	Windows	Windows 10 Version 1809 pour ARM64-based Systems
Microsoft	Windows	Windows 10 Version 1709 pour ARM64-based Systems
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1909 pour systèmes 32 bits
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1607 pour systèmes x64
Microsoft	Windows	Windows Server 2012 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1803 pour ARM64-based Systems
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1
Microsoft	Windows	Windows Server, version 1909 (Server Core installation)
Microsoft	Windows	Windows 8.1 pour systèmes x64
Microsoft	Windows	Windows Server 2016
Microsoft	Windows	Windows Server 2008 pour systèmes Itanium Service Pack 2
Microsoft	Windows	Windows 10 Version 1903 pour ARM64-based Systems
Microsoft	Windows	Windows 8.1 pour systèmes 32 bits
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation)
Microsoft	Windows	Windows Server 2012 R2 (Server Core installation)
Microsoft	Windows	Windows 10 pour systèmes 32 bits
Microsoft	Windows	Windows 7 pour systèmes 32 bits Service Pack 1
Microsoft	Windows	Windows Server, version 1903 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1709 pour systèmes x64

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft du 14 janvier 2020

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Server 2012",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1909 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1909 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1903 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes Itanium Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1803 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1803 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server, version 1803 (Server Core Installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1709 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1903 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows RT 8.1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7 pour syst\u00e8mes x64 Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1709 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1909 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1803 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server, version 1909 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 8.1 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes Itanium Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1903 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 8.1 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7 pour syst\u00e8mes 32 bits Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server, version 1903 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1709 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-0625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0625"
    },
    {
      "name": "CVE-2020-0634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0634"
    },
    {
      "name": "CVE-2020-0628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0628"
    },
    {
      "name": "CVE-2020-0621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0621"
    },
    {
      "name": "CVE-2020-0637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0637"
    },
    {
      "name": "CVE-2020-0627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0627"
    },
    {
      "name": "CVE-2020-0639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0639"
    },
    {
      "name": "CVE-2020-0633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0633"
    },
    {
      "name": "CVE-2020-0644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0644"
    },
    {
      "name": "CVE-2020-0630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0630"
    },
    {
      "name": "CVE-2020-0632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0632"
    },
    {
      "name": "CVE-2020-0642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0642"
    },
    {
      "name": "CVE-2020-0623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0623"
    },
    {
      "name": "CVE-2020-0613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0613"
    },
    {
      "name": "CVE-2020-0601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0601"
    },
    {
      "name": "CVE-2020-0612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0612"
    },
    {
      "name": "CVE-2020-0624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0624"
    },
    {
      "name": "CVE-2020-0631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0631"
    },
    {
      "name": "CVE-2020-0641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0641"
    },
    {
      "name": "CVE-2020-0609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0609"
    },
    {
      "name": "CVE-2020-0607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0607"
    },
    {
      "name": "CVE-2020-0629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0629"
    },
    {
      "name": "CVE-2020-0617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0617"
    },
    {
      "name": "CVE-2020-0616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0616"
    },
    {
      "name": "CVE-2020-0608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0608"
    },
    {
      "name": "CVE-2020-0611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0611"
    },
    {
      "name": "CVE-2020-0643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0643"
    },
    {
      "name": "CVE-2020-0610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0610"
    },
    {
      "name": "CVE-2020-0635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0635"
    },
    {
      "name": "CVE-2020-0620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0620"
    },
    {
      "name": "CVE-2020-0626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0626"
    },
    {
      "name": "CVE-2020-0614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0614"
    },
    {
      "name": "CVE-2020-0615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0615"
    },
    {
      "name": "CVE-2020-0638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0638"
    },
    {
      "name": "CVE-2020-0636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0636"
    },
    {
      "name": "CVE-2020-0622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0622"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-026",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-01-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Windows\u003c/span\u003e. Elles permettent \u00e0 un attaquant\nde provoquer une ex\u00e9cution de code \u00e0 distance, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es, une \u00e9l\u00e9vation de privil\u00e8ges, un\ncontournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9 et un d\u00e9ni de service.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 14 janvier 2020",
      "url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance"
    }
  ]
}

CERTFR-2020-AVI-043

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Google	Chrome	Google Chrome versions antérieures à 79.0.3945.130

References

Title

Publication Time

Tags

Bulletin de sécurité Chrome du 16 janvier 2020

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Google Chrome versions ant\u00e9rieures \u00e0 79.0.3945.130",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-6380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6380"
    },
    {
      "name": "CVE-2020-6379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6379"
    },
    {
      "name": "CVE-2020-6378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6378"
    },
    {
      "name": "CVE-2020-0601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0601"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-043",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-01-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Chrome.\nElles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Chrome",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Chrome du 16 janvier 2020",
      "url": "https://chromereleases.googleblog.com/2020/01/stable-channel-update-for-desktop_16.html"
    }
  ]
}

CERTFR-2020-AVI-043

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Google	Chrome	Google Chrome versions antérieures à 79.0.3945.130

References

Title

Publication Time

Tags

Bulletin de sécurité Chrome du 16 janvier 2020

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Google Chrome versions ant\u00e9rieures \u00e0 79.0.3945.130",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-6380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6380"
    },
    {
      "name": "CVE-2020-6379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6379"
    },
    {
      "name": "CVE-2020-6378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-6378"
    },
    {
      "name": "CVE-2020-0601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0601"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-043",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-01-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Chrome.\nElles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Chrome",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Chrome du 16 janvier 2020",
      "url": "https://chromereleases.googleblog.com/2020/01/stable-channel-update-for-desktop_16.html"
    }
  ]
}

CERTFR-2021-AVI-772

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	IGSS Data Collector (dc.exe) versions antérieures à V15.0.0.21244
N/A	N/A	fellerLYnk versions antérieures à V2.6.2
N/A	N/A	micrologiciel TM5CSLC100FS version antérieures v2.57
N/A	N/A	Conext Advisor 2 Gateway
N/A	N/A	spaceLYnk versions antérieures à V2.6.2
N/A	N/A	micrologiciel TM5NS31 versions antérieures à 2.79
N/A	N/A	Conext Advisor 2 Cloud
N/A	N/A	Wiser for KNX versions antérieures à V2.6.2
N/A	N/A	Modicon M218 logic controller versions antérieures à 5.1.0.8
N/A	N/A	micrologiciel TM5NEIP1 versions antérieures à 3.12
N/A	N/A	ConneXium Network Manager
N/A	N/A	Conext Control V2 Gateway
N/A	N/A	micrologiciel TM5CSLC200FS version antérieures v2.57

References

Title

Publication Time

Tags

Bulletin de sécurité Schneider SEVD-2021-285-04 du 12 octobre 2021	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2021-285-03 du 12 octobre 2021	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2021-285-02 du 12 octobre 2021	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2021-285-05 du 12 octobre 2021	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2021-285-01 du 12 octobre 2021	None	vendor-advisory
Bulletin de sécurité Schneider SEVD-2021-285-06 du 12 octobre 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IGSS Data Collector (dc.exe) versions ant\u00e9rieures \u00e0 V15.0.0.21244",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "fellerLYnk versions ant\u00e9rieures \u00e0 V2.6.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "micrologiciel TM5CSLC100FS version ant\u00e9rieures v2.57",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Conext Advisor 2 Gateway",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "spaceLYnk versions ant\u00e9rieures \u00e0 V2.6.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "micrologiciel TM5NS31 versions ant\u00e9rieures \u00e0 2.79",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Conext Advisor 2 Cloud",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Wiser for KNX versions ant\u00e9rieures \u00e0 V2.6.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Modicon M218 logic controller versions ant\u00e9rieures \u00e0 5.1.0.8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "micrologiciel TM5NEIP1 versions ant\u00e9rieures \u00e0 3.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ConneXium Network Manager",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Conext Control V2 Gateway",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "micrologiciel TM5CSLC200FS version ant\u00e9rieures v2.57",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-17438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-17438"
    },
    {
      "name": "CVE-2019-0685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0685"
    },
    {
      "name": "CVE-2020-1472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1472"
    },
    {
      "name": "CVE-2020-0601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0601"
    },
    {
      "name": "CVE-2019-11135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11135"
    },
    {
      "name": "CVE-2019-0803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0803"
    },
    {
      "name": "CVE-2021-22801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22801"
    },
    {
      "name": "CVE-2020-0609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0609"
    },
    {
      "name": "CVE-2021-22802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22802"
    },
    {
      "name": "CVE-2019-0859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0859"
    },
    {
      "name": "CVE-2020-13987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13987"
    },
    {
      "name": "CVE-2020-1020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1020"
    },
    {
      "name": "CVE-2020-0610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0610"
    },
    {
      "name": "CVE-2020-0938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0938"
    },
    {
      "name": "CVE-2020-1350",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1350"
    },
    {
      "name": "CVE-2021-22800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22800"
    },
    {
      "name": "CVE-2021-22804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22804"
    },
    {
      "name": "CVE-2020-0796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0796"
    },
    {
      "name": "CVE-2021-22803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22803"
    },
    {
      "name": "CVE-2021-22806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22806"
    },
    {
      "name": "CVE-2019-1040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1040"
    },
    {
      "name": "CVE-2021-22805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22805"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-772",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-10-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-285-04 du 12 octobre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-04"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-285-03 du 12 octobre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-03"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-285-02 du 12 octobre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-02"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-285-05 du 12 octobre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-05"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-285-01 du 12 octobre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-01"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider SEVD-2021-285-06 du 12 octobre 2021",
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-06"
    }
  ]
}

CERTFR-2020-ALE-004

Vulnerability from certfr_alerte - Published: - Updated:

[Mise à jour du 17 janvier 2020 : informations complémentaires et clarification sur les impacts]

Une vulnérabilité affecte la bibliothèque cryptographique CryptoAPI (CAPI, crypt32.dll) de Microsoft Windows 10, Windows Server 2016 et Windows Server 2019.

Depuis 2015, la bibliothèque CryptoAPI sait gérer les algorithmes cryptographiques basés sur les courbes elliptiques (ECC). La vulnérabilité impacte la fonction de vérification de validité de certificat numérique lorsque ceux-ci sont signés par une autorité de certification qui s'appuie sur la cryptographie ECC.

La cryptographie ECC utilise des algorithmes asymétriques pour lesquels il est nécessaire d'avoir deux clés, l'une publique et l'autre privée, afin de pouvoir chiffrer et signer des informations entre deux correspondants.

La vulnérabilité affecte le contrôle, par la bibliothèque CryptoAPI, des clés publiques ECC présentes dans les certificats. Ce défaut permet à un attaquant de produire un certificat intermédiaire pour lequel il disposera donc de la clé privée. Ce certificat sera considéré comme une nouvelle ancre de confiance valide par la bibliothèque CryptoAPI. L'attaquant sera alors en mesure de signer un second certificat usurpant l'identité d'un site ou d'un utilisateur.

Pour les systèmes affectés et les applications utilisant cette bibliothèque CryptoAPI, les impacts peuvent être les suivants :

possibilité de signer un code logiciel malveillant et de le faire reconnaître comme légitime ;
possibilité de falsifier l'identité d'un utilisateur ou d'un serveur lors de l'établissement d'une connexion TLS ;
possibilité de falsifier l'identité de l'émetteur d'un message électronique signé.

Le CERT-FR insiste sur l'urgence d'appliquer la mise à jour mensuelle dans les plus brefs délais. Ce correctif n'a aucun impact sur le fonctionnement du système d'exploitation et des applications, il vise uniquement à ajouter les contrôles de sécurité manquants dans la bibliothèque.

Si le déploiement doit être réalisé en plusieurs vagues, il est suggéré de procéder par ordre de priorité en privilégiant d'abord :

les équipements accessibles sur Internet, basés sur Microsoft Windows, et qui mettent en place des services basés sur une authentification par certificat X.509 ;
les équipements d'infrastructures et de sécurité basé sur Microsoft Windows (notamment les contrôleurs de domaine Active Directory, les serveurs centralisant les déploiements de logiciels, les passerelles antivirus, etc.) ;
les postes de travail basés sur Microsoft Windows 10.

Le navigateur Firefox n'utilise pas la bibliothèque CryptoAPI mais la bibliothèque NSS et n'est donc pas affecté par la vulnérabilité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows Server 2019
Microsoft	Windows	Microsoft Windows 10
Microsoft	Windows	Windows Server 2016

References

Title

Publication Time

Tags

Note de publication Microsoft du 14 janvier 2020	None	vendor-advisory
Avis de sécurité Microsoft du 14 janvier 2020	None	vendor-advisory
Avis CERT-FR CERTFR-2020-AVI-026 du 14 janvier 2020	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Server 2019",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 10",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2020-03-24",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-0601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0601"
    }
  ],
  "links": [
    {
      "title": "Avis CERT-FR CERTFR-2020-AVI-026 du 14 janvier 2020",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2020-AVI-026/"
    }
  ],
  "reference": "CERTFR-2020-ALE-004",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-01-14T00:00:00.000000"
    },
    {
      "description": "informations compl\u00e9mentaires et clarification sur les impacts",
      "revision_date": "2020-01-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "\u003cstrong\u003e\\[Mise \u00e0 jour du 17 janvier 2020 : informations compl\u00e9mentaires et\nclarification sur les impacts\\]\u003c/strong\u003e\n\nUne vuln\u00e9rabilit\u00e9 affecte la biblioth\u00e8que cryptographique *CryptoAPI\n(CAPI, crypt32.dll)* de Microsoft Windows 10, Windows Server 2016 et\nWindows Server 2019.\n\nDepuis 2015, la biblioth\u00e8que *CryptoAPI* sait g\u00e9rer les algorithmes\ncryptographiques bas\u00e9s sur les courbes elliptiques (*ECC*). La\nvuln\u00e9rabilit\u00e9 impacte la fonction de v\u00e9rification de validit\u00e9 de\ncertificat num\u00e9rique lorsque ceux-ci sont sign\u00e9s par une autorit\u00e9 de\ncertification qui s\u0027appuie sur la cryptographie *ECC*.\n\nLa cryptographie *ECC* utilise des algorithmes asym\u00e9triques pour\nlesquels il est n\u00e9cessaire d\u0027avoir deux cl\u00e9s, l\u0027une publique et l\u0027autre\npriv\u00e9e, afin de pouvoir chiffrer et signer des informations entre deux\ncorrespondants.\n\nLa vuln\u00e9rabilit\u00e9 affecte le contr\u00f4le, par la biblioth\u00e8que *CryptoAPI*,\ndes cl\u00e9s publiques ECC pr\u00e9sentes dans les certificats. Ce d\u00e9faut permet\n\u00e0 un attaquant de produire un certificat interm\u00e9diaire pour lequel il\ndisposera donc de la cl\u00e9 priv\u00e9e. Ce certificat sera consid\u00e9r\u00e9 comme une\nnouvelle ancre de confiance valide par la biblioth\u00e8que *CryptoAPI*.\nL\u0027attaquant sera alors en mesure de signer un second certificat usurpant\nl\u0027identit\u00e9 d\u0027un site ou d\u0027un utilisateur.\n\nPour les syst\u00e8mes affect\u00e9s et les applications utilisant cette\nbiblioth\u00e8que *CryptoAPI*, les impacts peuvent \u00eatre les suivants :\n\n-   possibilit\u00e9 de signer un code logiciel malveillant et de le faire\n    reconna\u00eetre comme l\u00e9gitime ;\n-   possibilit\u00e9 de falsifier l\u0027identit\u00e9 d\u0027un utilisateur ou d\u0027un serveur\n    lors de l\u0027\u00e9tablissement d\u0027une connexion TLS ;\n-   possibilit\u00e9 de falsifier l\u0027identit\u00e9 de l\u0027\u00e9metteur d\u0027un message\n    \u00e9lectronique sign\u00e9.\n\n\u00a0\n\n\u003cstrong\u003eLe CERT-FR insiste sur l\u0027urgence d\u0027appliquer la mise \u00e0 jour mensuelle\ndans les plus brefs d\u00e9lais\u003c/strong\u003e. Ce correctif n\u0027a aucun impact sur le\nfonctionnement du syst\u00e8me d\u0027exploitation et des applications, il vise\nuniquement \u00e0 ajouter les contr\u00f4les de s\u00e9curit\u00e9 manquants dans la\nbiblioth\u00e8que.\n\nSi le d\u00e9ploiement doit \u00eatre r\u00e9alis\u00e9 en plusieurs vagues, il est sugg\u00e9r\u00e9\nde proc\u00e9der par ordre de priorit\u00e9 en privil\u00e9giant d\u0027abord :\n\n-   les \u00e9quipements accessibles sur Internet, bas\u00e9s sur Microsoft\n    Windows, et qui mettent en place des services bas\u00e9s sur une\n    authentification par certificat X.509 ;\n-   les \u00e9quipements d\u0027infrastructures et de s\u00e9curit\u00e9 bas\u00e9 sur Microsoft\n    Windows\u00a0 (notamment les contr\u00f4leurs de domaine Active Directory, les\n    serveurs centralisant les d\u00e9ploiements de logiciels, les passerelles\n    antivirus, etc.) ;\n-   les postes de travail bas\u00e9s sur Microsoft Windows 10.\n\n\u00a0\n\nLe navigateur Firefox n\u0027utilise pas la biblioth\u00e8que *CryptoAPI* mais la\nbiblioth\u00e8que *NSS* et n\u0027est donc pas affect\u00e9 par la vuln\u00e9rabilit\u00e9.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Note de publication Microsoft du 14 janvier 2020",
      "url": "https://portal.msrc.microsoft.com/fr-fr/security-guidance/releasenotedetail/2020-Jan"
    },
    {
      "published_at": null,
      "title": "Avis de s\u00e9curit\u00e9 Microsoft du 14 janvier 2020",
      "url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance"
    }
  ]
}

CERTFR-2020-ALE-004

Vulnerability from certfr_alerte - Published: - Updated:

[Mise à jour du 17 janvier 2020 : informations complémentaires et clarification sur les impacts]

Une vulnérabilité affecte la bibliothèque cryptographique CryptoAPI (CAPI, crypt32.dll) de Microsoft Windows 10, Windows Server 2016 et Windows Server 2019.

Pour les systèmes affectés et les applications utilisant cette bibliothèque CryptoAPI, les impacts peuvent être les suivants :

possibilité de signer un code logiciel malveillant et de le faire reconnaître comme légitime ;
possibilité de falsifier l'identité d'un utilisateur ou d'un serveur lors de l'établissement d'une connexion TLS ;
possibilité de falsifier l'identité de l'émetteur d'un message électronique signé.

Si le déploiement doit être réalisé en plusieurs vagues, il est suggéré de procéder par ordre de priorité en privilégiant d'abord :

les équipements accessibles sur Internet, basés sur Microsoft Windows, et qui mettent en place des services basés sur une authentification par certificat X.509 ;
les équipements d'infrastructures et de sécurité basé sur Microsoft Windows (notamment les contrôleurs de domaine Active Directory, les serveurs centralisant les déploiements de logiciels, les passerelles antivirus, etc.) ;
les postes de travail basés sur Microsoft Windows 10.

Le navigateur Firefox n'utilise pas la bibliothèque CryptoAPI mais la bibliothèque NSS et n'est donc pas affecté par la vulnérabilité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows Server 2019
Microsoft	Windows	Microsoft Windows 10
Microsoft	Windows	Windows Server 2016

References

Title

Publication Time

Tags

Note de publication Microsoft du 14 janvier 2020	None	vendor-advisory
Avis de sécurité Microsoft du 14 janvier 2020	None	vendor-advisory
Avis CERT-FR CERTFR-2020-AVI-026 du 14 janvier 2020	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Server 2019",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 10",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2020-03-24",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-0601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-0601"
    }
  ],
  "links": [
    {
      "title": "Avis CERT-FR CERTFR-2020-AVI-026 du 14 janvier 2020",
      "url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2020-AVI-026/"
    }
  ],
  "reference": "CERTFR-2020-ALE-004",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-01-14T00:00:00.000000"
    },
    {
      "description": "informations compl\u00e9mentaires et clarification sur les impacts",
      "revision_date": "2020-01-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "\u003cstrong\u003e\\[Mise \u00e0 jour du 17 janvier 2020 : informations compl\u00e9mentaires et\nclarification sur les impacts\\]\u003c/strong\u003e\n\nUne vuln\u00e9rabilit\u00e9 affecte la biblioth\u00e8que cryptographique *CryptoAPI\n(CAPI, crypt32.dll)* de Microsoft Windows 10, Windows Server 2016 et\nWindows Server 2019.\n\nDepuis 2015, la biblioth\u00e8que *CryptoAPI* sait g\u00e9rer les algorithmes\ncryptographiques bas\u00e9s sur les courbes elliptiques (*ECC*). La\nvuln\u00e9rabilit\u00e9 impacte la fonction de v\u00e9rification de validit\u00e9 de\ncertificat num\u00e9rique lorsque ceux-ci sont sign\u00e9s par une autorit\u00e9 de\ncertification qui s\u0027appuie sur la cryptographie *ECC*.\n\nLa cryptographie *ECC* utilise des algorithmes asym\u00e9triques pour\nlesquels il est n\u00e9cessaire d\u0027avoir deux cl\u00e9s, l\u0027une publique et l\u0027autre\npriv\u00e9e, afin de pouvoir chiffrer et signer des informations entre deux\ncorrespondants.\n\nLa vuln\u00e9rabilit\u00e9 affecte le contr\u00f4le, par la biblioth\u00e8que *CryptoAPI*,\ndes cl\u00e9s publiques ECC pr\u00e9sentes dans les certificats. Ce d\u00e9faut permet\n\u00e0 un attaquant de produire un certificat interm\u00e9diaire pour lequel il\ndisposera donc de la cl\u00e9 priv\u00e9e. Ce certificat sera consid\u00e9r\u00e9 comme une\nnouvelle ancre de confiance valide par la biblioth\u00e8que *CryptoAPI*.\nL\u0027attaquant sera alors en mesure de signer un second certificat usurpant\nl\u0027identit\u00e9 d\u0027un site ou d\u0027un utilisateur.\n\nPour les syst\u00e8mes affect\u00e9s et les applications utilisant cette\nbiblioth\u00e8que *CryptoAPI*, les impacts peuvent \u00eatre les suivants :\n\n-   possibilit\u00e9 de signer un code logiciel malveillant et de le faire\n    reconna\u00eetre comme l\u00e9gitime ;\n-   possibilit\u00e9 de falsifier l\u0027identit\u00e9 d\u0027un utilisateur ou d\u0027un serveur\n    lors de l\u0027\u00e9tablissement d\u0027une connexion TLS ;\n-   possibilit\u00e9 de falsifier l\u0027identit\u00e9 de l\u0027\u00e9metteur d\u0027un message\n    \u00e9lectronique sign\u00e9.\n\n\u00a0\n\n\u003cstrong\u003eLe CERT-FR insiste sur l\u0027urgence d\u0027appliquer la mise \u00e0 jour mensuelle\ndans les plus brefs d\u00e9lais\u003c/strong\u003e. Ce correctif n\u0027a aucun impact sur le\nfonctionnement du syst\u00e8me d\u0027exploitation et des applications, il vise\nuniquement \u00e0 ajouter les contr\u00f4les de s\u00e9curit\u00e9 manquants dans la\nbiblioth\u00e8que.\n\nSi le d\u00e9ploiement doit \u00eatre r\u00e9alis\u00e9 en plusieurs vagues, il est sugg\u00e9r\u00e9\nde proc\u00e9der par ordre de priorit\u00e9 en privil\u00e9giant d\u0027abord :\n\n-   les \u00e9quipements accessibles sur Internet, bas\u00e9s sur Microsoft\n    Windows, et qui mettent en place des services bas\u00e9s sur une\n    authentification par certificat X.509 ;\n-   les \u00e9quipements d\u0027infrastructures et de s\u00e9curit\u00e9 bas\u00e9 sur Microsoft\n    Windows\u00a0 (notamment les contr\u00f4leurs de domaine Active Directory, les\n    serveurs centralisant les d\u00e9ploiements de logiciels, les passerelles\n    antivirus, etc.) ;\n-   les postes de travail bas\u00e9s sur Microsoft Windows 10.\n\n\u00a0\n\nLe navigateur Firefox n\u0027utilise pas la biblioth\u00e8que *CryptoAPI* mais la\nbiblioth\u00e8que *NSS* et n\u0027est donc pas affect\u00e9 par la vuln\u00e9rabilit\u00e9.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Note de publication Microsoft du 14 janvier 2020",
      "url": "https://portal.msrc.microsoft.com/fr-fr/security-guidance/releasenotedetail/2020-Jan"
    },
    {
      "published_at": null,
      "title": "Avis de s\u00e9curit\u00e9 Microsoft du 14 janvier 2020",
      "url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance"
    }
  ]
}

GSD-2020-0601

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2020-0601

Aliases

CVE-2020-0601

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-0601",
    "description": "A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka \u0027Windows CryptoAPI Spoofing Vulnerability\u0027.",
    "id": "GSD-2020-0601",
    "references": [
      "https://www.suse.com/security/cve/CVE-2020-0601.html",
      "https://packetstormsecurity.com/files/cve/CVE-2020-0601"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-0601"
      ],
      "details": "A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka \u0027Windows CryptoAPI Spoofing Vulnerability\u0027.",
      "id": "GSD-2020-0601",
      "modified": "2023-12-13T01:21:45.065459Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2020-0601",
      "dateAdded": "2021-11-03",
      "dueDate": "2020-01-29",
      "product": "Windows CryptoAPI",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka \u0027Windows CryptoAPI Spoofing Vulnerability\u0027.",
      "vendorProject": "Microsoft",
      "vulnerabilityName": "Microsoft Windows 10 API/ECC Vulnerability"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2020-0601",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Windows",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "10 Version 1803 for 32-bit Systems"
                        },
                        {
                          "version_value": "10 Version 1803 for x64-based Systems"
                        },
                        {
                          "version_value": "10 Version 1803 for ARM64-based Systems"
                        },
                        {
                          "version_value": "10 Version 1809 for 32-bit Systems"
                        },
                        {
                          "version_value": "10 Version 1809 for x64-based Systems"
                        },
                        {
                          "version_value": "10 Version 1809 for ARM64-based Systems"
                        },
                        {
                          "version_value": "10 Version 1709 for 32-bit Systems"
                        },
                        {
                          "version_value": "10 Version 1709 for x64-based Systems"
                        },
                        {
                          "version_value": "10 Version 1709 for ARM64-based Systems"
                        },
                        {
                          "version_value": "10 for 32-bit Systems"
                        },
                        {
                          "version_value": "10 for x64-based Systems"
                        },
                        {
                          "version_value": "10 Version 1607 for 32-bit Systems"
                        },
                        {
                          "version_value": "10 Version 1607 for x64-based Systems"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Windows Server",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "version 1803  (Core Installation)"
                        },
                        {
                          "version_value": "2019"
                        },
                        {
                          "version_value": "2019  (Core installation)"
                        },
                        {
                          "version_value": "2016"
                        },
                        {
                          "version_value": "2016  (Core installation)"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Windows 10 Version 1903 for 32-bit Systems",
                    "version": {
                      "version_data": [
                        {
                          "version_value": ""
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Windows 10 Version 1903 for x64-based Systems",
                    "version": {
                      "version_data": [
                        {
                          "version_value": ""
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Windows 10 Version 1903 for ARM64-based Systems",
                    "version": {
                      "version_data": [
                        {
                          "version_value": ""
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Windows Server, version 1903 (Server Core installation)",
                    "version": {
                      "version_data": [
                        {
                          "version_value": ""
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Windows 10 Version 1909 for 32-bit Systems",
                    "version": {
                      "version_data": [
                        {
                          "version_value": ""
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Windows 10 Version 1909 for x64-based Systems",
                    "version": {
                      "version_data": [
                        {
                          "version_value": ""
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Windows Server, version 1909 (Server Core installation)",
                    "version": {
                      "version_data": [
                        {
                          "version_value": ""
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Windows 10 Version 1909 for ARM64-based Systems",
                    "version": {
                      "version_data": [
                        {
                          "version_value": ""
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Microsoft"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka \u0027Windows CryptoAPI Spoofing Vulnerability\u0027."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Spoofing"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601",
            "refsource": "MISC",
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601"
          },
          {
            "name": "http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html"
          },
          {
            "name": "http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.13.7",
                    "versionStartIncluding": "1.13",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.12.16",
                    "versionStartIncluding": "1.12",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2020-0601"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka \u0027Windows CryptoAPI Spoofing Vulnerability\u0027."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-295"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "N/A",
              "refsource": "N/A",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601"
            },
            {
              "name": "http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.2
        }
      },
      "lastModifiedDate": "2022-08-12T18:40Z",
      "publishedDate": "2020-01-14T23:15Z"
    }
  }
}

bit-golang-2020-0601

Vulnerability from bitnami_vulndb

Published

2024-03-06 11:08

Modified

2025-10-22 09:08

Summary

Details

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Bitnami",
        "name": "golang",
        "purl": "pkg:bitnami/golang"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.12.0"
            },
            {
              "fixed": "1.12.16"
            },
            {
              "introduced": "1.13.0"
            },
            {
              "fixed": "1.13.7"
            }
          ],
          "type": "SEMVER"
        }
      ],
      "severity": [
        {
          "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
          "type": "CVSS_V3"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-0601"
  ],
  "database_specific": {
    "cpes": [
      "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*"
    ],
    "severity": "High"
  },
  "details": "A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka \u0027Windows CryptoAPI Spoofing Vulnerability\u0027.",
  "id": "BIT-golang-2020-0601",
  "modified": "2025-10-22T09:08:25.162Z",
  "published": "2024-03-06T11:08:38.203Z",
  "references": [
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0601"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0601"
    }
  ],
  "schema_version": "1.5.0"
}

FKIE_CVE-2020-0601

Vulnerability from fkie_nvd - Published: 2020-01-14 23:15 - Updated: 2025-12-18 02:00

CISA KEV

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Summary

References

URL	Tags
secure@microsoft.com	http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html	Third Party Advisory, VDB Entry
secure@microsoft.com	http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html	Third Party Advisory, VDB Entry
secure@microsoft.com	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601	Patch, Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0601	US Government Resource

Impacted products

Vendor	Product	Version
microsoft	windows_10_1507	-
microsoft	windows_10_1507	-
microsoft	windows_10_1607	-
microsoft	windows_10_1607	-
microsoft	windows_10_1709	-
microsoft	windows_10_1709	-
microsoft	windows_10_1709	-
microsoft	windows_10_1803	-
microsoft	windows_10_1803	-
microsoft	windows_10_1803	-
microsoft	windows_10_1809	*
microsoft	windows_10_1809	*
microsoft	windows_10_1809	*
microsoft	windows_10_1903	-
microsoft	windows_10_1903	-
microsoft	windows_10_1903	-
microsoft	windows_10_1909	-
microsoft	windows_10_1909	-
microsoft	windows_10_1909	-
microsoft	windows_server_1803	-
microsoft	windows_server_1903	-
microsoft	windows_server_1909	-
microsoft	windows_server_2016	-
microsoft	windows_server_2019	-
golang	go	*
golang	go	*
microsoft	windows	-

JSON

To clipboard

{
  "cisaActionDue": "2022-05-03",
  "cisaExploitAdd": "2021-11-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Microsoft Windows CryptoAPI Spoofing Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "A045AC0A-471E-444C-B3B0-4CABC23E8CFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*",
              "matchCriteriaId": "28A7FEE9-B473-48A0-B0ED-A5CC1E44194C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
              "matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:arm64:*",
              "matchCriteriaId": "555C22C7-356D-4DA7-8CED-DA7423BBC6CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "469F95D3-ABBB-4F1A-A000-BE0F6BD60FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:x86:*",
              "matchCriteriaId": "D76003FB-EE99-4D8E-B6A0-B13C2041E5A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:arm64:*",
              "matchCriteriaId": "40151476-C0FD-4336-8194-039E8827B7C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "D82F8AF7-ED01-4649-849E-F248F0E02384",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:x86:*",
              "matchCriteriaId": "C1CFB53B-B17B-47BD-BAC1-C6C5D168FFB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
              "matchCriteriaId": "251E413C-68F6-43C6-975C-C0B6AD4D36DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
              "matchCriteriaId": "4C3391B0-C6A6-4F6F-AC1B-AD0927C2C986",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
              "matchCriteriaId": "112871CE-B37B-454E-AC10-A285D92CCE0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:arm64:*",
              "matchCriteriaId": "9E1ED169-6F03-4BD5-B227-5FA54DB40AD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "5C5B5180-1E12-45C2-8275-B9E528955307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:x86:*",
              "matchCriteriaId": "B6A0DB01-49CB-4445-AFE8-57C2186857BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:arm64:*",
              "matchCriteriaId": "9285A9B5-4759-43E7-9589-CDBCA7100605",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "0D77EA14-F61D-4B9E-A385-70B88C482116",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:x86:*",
              "matchCriteriaId": "1A6FC9EE-D486-4AFE-A20E-4278468A1779",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_1803:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37097C39-D588-4018-B94D-5EB87B1E3D5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_1903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "530DF8C9-467C-4F4F-9FCA-CDD934BADF3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_1909:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE7E7B1-64AC-4986-A50B-0918A42C05BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA6E96C9-FEC1-4174-AB7D-783DF8EC2097",
              "versionEndExcluding": "1.12.16",
              "versionStartIncluding": "1.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C8D6C09-AF12-4600-9C21-4F7A46CC78D8",
              "versionEndExcluding": "1.13.7",
              "versionStartIncluding": "1.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka \u0027Windows CryptoAPI Spoofing Vulnerability\u0027."
    },
    {
      "lang": "es",
      "value": "Se presenta una vulnerabilidad de suplantaci\u00f3n de identidad en la manera en que Windows CryptoAPI (Crypt32.dll) comprueba los certificados Elliptic Curve Cryptography (ECC). Un atacante podr\u00eda explotar la vulnerabilidad mediante el uso de un certificado de firma de c\u00f3digo falsificado para firmar un ejecutable malicioso, haciendo que parezca que el archivo era de una fuente confiable y leg\u00edtima, tambi\u00e9n se conoce como \"Windows CryptoAPI Spoofing Vulnerability\"."
    }
  ],
  "id": "CVE-2020-0601",
  "lastModified": "2025-12-18T02:00:02.347",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2020-01-14T23:15:30.207",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0601"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-295"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-295"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

CVE-2020-0601

Vulnerability from csaf_se - Published: 2021-10-12 00:00 - Updated: 2021-10-12 00:00

Summary

Conext™ Advisor & Conext™ Control V2

Notes

General Security Recommendations

We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ * Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. * Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks. * Place all controllers in locked cabinets and never leave them in the “Program” mode. * Never connect programming software to any network other than the network intended for that device. * Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc. before use in the terminals or any node connected to these networks. * Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation. * Minimize network exposure for all control system devices and systems and ensure that they are not accessible from the Internet. * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices. For more information refer to the Schneider Electric Recommended Cybersecurity Best Practices document.

For More Information

This document provides an overview of the identified vulnerability or vulnerabilities and actions required to mitigate. For more details and assistance on how to protect your installation, contact your local Schneider Electric representative or Schneider Electric Industrial Cybersecurity Services: https://www.se.com/ww/en/work/solutions/cybersecurity/. These organizations will be fully aware of this situation and can support you through the process. For further information related to cybersecurity in Schneider Electric’s products, visit the company’s cybersecurity support portal page: https://www.se.com/ww/en/work/support/cybersecurity/overview.jsp

LEGAL DISCLAIMER

THIS NOTIFICATION DOCUMENT, THE INFORMATION CONTAINED HEREIN, AND ANY MATERIALS LINKED FROM IT (COLLECTIVELY, THIS “NOTIFICATION”) ARE INTENDED TO HELP PROVIDE AN OVERVIEW OF THE IDENTIFIED SITUATION AND SUGGESTED MITIGATION ACTIONS, REMEDIATION, FIX, AND/OR GENERAL SECURITY RECOMMENDATIONS AND IS PROVIDED ON AN “AS-IS” BASIS WITHOUT WARRANTY OR GUARANTEE OF ANY KIND. SCHNEIDER ELECTRIC DISCLAIMS ALL WARRANTIES RELATING TO THIS NOTIFICATION, EITHER EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SCHNEIDER ELECTRIC MAKES NO WARRANTY THAT THE NOTIFICATION WILL RESOLVE THE IDENTIFIED SITUATION. IN NO EVENT SHALL SCHNEIDER ELECTRIC BE LIABLE FOR ANY DAMAGES OR LOSSES WHATSOEVER IN CONNECTION WITH THIS NOTIFICATION, INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF SCHNEIDER ELECTRIC HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. YOUR USE OF THIS NOTIFICATION IS AT YOUR OWN RISK, AND YOU ARE SOLELY LIABLE FOR ANY DAMAGES TO YOUR SYSTEMS OR ASSETS OR OTHER LOSSES THAT MAY RESULT FROM YOUR USE OF THIS NOTIFICATION. SCHNEIDER ELECTRIC RESERVES THE RIGHT TO UPDATE OR CHANGE THIS NOTIFICATION AT ANY TIME AND IN ITS SOLE DISCRETION

About Schneider Electric

At Schneider, we believe access to energy and digital is a basic human right. We empower all to do more with less, ensuring Life Is On everywhere, for everyone, at every moment. We provide energy and automation digital solutions for efficiency and sustainability. We combine world-leading energy technologies, real-time automation, software and services into integrated solutions for Homes, Buildings, Data Centers, Infrastructure and Industries. We are committed to unleash the infinite possibilities of an open, global, innovative community that is passionate with our Meaningful Purpose, Inclusive and Empowered values. www.se.com

Overview

Schneider Electric is aware of multiple Microsoft Windows vulnerabilities in its Schneider Conext™ Advisor 2 & Conext™ Control V2 products. The Conext™ Advisor 2 is a web portal with an efficient, task-oriented interface for managing and optimizing the performance of solar power plants and includes a complete suite of tools for professional users. The Conext™ Control V2 is a Solar Power Plant monitoring solution. Failure to apply the remediations provided below may risk remote code execution, which could result in undesired behavior within the operating system. An attacker who successfully exploits this vulnerability could execute arbitrary code on the target system and then install programs; view, change, or delete data; or create new accounts with full user rights.

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "We strongly recommend the following industry cybersecurity best practices.\n\nhttps://www.se.com/us/en/download/document/7EN52-0390/\n* Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network.\n* Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.\n* Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.\n* Never connect programming software to any network other than the network intended for that device.\n* Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc. before use in the terminals or any node connected to these networks.\n* Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.\n* Minimize network exposure for all control system devices and systems and ensure that they are not accessible from the Internet.\n* When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.\nFor more information refer to the Schneider Electric Recommended Cybersecurity Best Practices document. \n",
        "title": "General Security Recommendations"
      },
      {
        "category": "general",
        "text": "This document provides an overview of the identified vulnerability or vulnerabilities and actions required to mitigate. For more details and assistance on how to protect your installation, contact your local Schneider Electric representative or Schneider Electric Industrial Cybersecurity Services: https://www.se.com/ww/en/work/solutions/cybersecurity/. These organizations will be fully aware of this situation and can support you through the process.\nFor further information related to cybersecurity in Schneider Electric\u2019s products, visit the company\u2019s cybersecurity support portal page: https://www.se.com/ww/en/work/support/cybersecurity/overview.jsp",
        "title": "For More Information"
      },
      {
        "category": "legal_disclaimer",
        "text": "THIS NOTIFICATION DOCUMENT, THE INFORMATION CONTAINED HEREIN, AND ANY MATERIALS LINKED FROM IT (COLLECTIVELY, THIS \u201cNOTIFICATION\u201d) ARE INTENDED TO HELP PROVIDE AN OVERVIEW OF THE IDENTIFIED SITUATION AND SUGGESTED MITIGATION ACTIONS, REMEDIATION, FIX, AND/OR GENERAL SECURITY RECOMMENDATIONS AND IS PROVIDED ON AN \u201cAS-IS\u201d BASIS WITHOUT WARRANTY OR GUARANTEE OF ANY KIND.  SCHNEIDER ELECTRIC DISCLAIMS ALL WARRANTIES RELATING TO THIS NOTIFICATION, EITHER EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SCHNEIDER ELECTRIC MAKES NO WARRANTY THAT THE NOTIFICATION WILL RESOLVE THE IDENTIFIED SITUATION. IN NO EVENT SHALL SCHNEIDER ELECTRIC BE LIABLE FOR ANY DAMAGES OR LOSSES WHATSOEVER IN CONNECTION WITH THIS NOTIFICATION, INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF SCHNEIDER ELECTRIC HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. YOUR USE OF THIS NOTIFICATION IS AT YOUR OWN RISK, AND YOU ARE SOLELY LIABLE FOR ANY DAMAGES TO YOUR SYSTEMS OR ASSETS OR OTHER LOSSES THAT MAY RESULT FROM YOUR USE OF THIS NOTIFICATION. SCHNEIDER ELECTRIC RESERVES THE RIGHT TO UPDATE OR CHANGE THIS NOTIFICATION AT ANY TIME AND IN ITS SOLE DISCRETION",
        "title": "LEGAL DISCLAIMER"
      },
      {
        "category": "general",
        "text": "At Schneider, we believe access to energy and digital is a basic human right. We empower all to do more with less, ensuring Life Is On everywhere, for everyone, at every moment.\n\nWe provide energy and automation digital solutions for efficiency and sustainability. We combine world-leading energy technologies, real-time automation, software and services into integrated solutions for Homes, Buildings, Data Centers, Infrastructure and Industries.\n\nWe are committed to unleash the infinite possibilities of an open, global, innovative community that is passionate with our Meaningful Purpose, Inclusive and Empowered values.\n\nwww.se.com ",
        "title": "About Schneider Electric"
      },
      {
        "category": "summary",
        "text": "Schneider Electric is aware of multiple Microsoft Windows vulnerabilities in its Schneider Conext\u2122 Advisor 2 \u0026 Conext\u2122 Control V2 products.\r\nThe Conext\u2122 Advisor 2 is a web portal with an efficient, task-oriented interface for managing and optimizing the performance of solar power plants and includes a complete suite of tools for professional users.\r\nThe Conext\u2122 Control V2 is a Solar Power Plant monitoring solution.\r\nFailure to apply the remediations provided below may risk remote code execution, which could result in undesired behavior within the operating system. An attacker who successfully exploits this vulnerability could execute arbitrary code on the target system and then install programs; view, change, or delete data; or create new accounts with full user rights.",
        "title": "Overview"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "cpcert@se.com",
      "name": "Schneider Electric CPCERT",
      "namespace": "https://www.se.com/ww/en/work/support/cybersecurity/security-notifications.jsp"
    },
    "references": [
      {
        "category": "self",
        "summary": "Conext\u2122 Advisor \u0026 Conext\u2122 Control V2 - SEVD-2021-285-05 PDF Version",
        "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2021-285-05_Conext_Advisor_and_Conext_Control_Security_Notification.pdf"
      },
      {
        "category": "self",
        "summary": "Conext\u2122 Advisor \u0026 Conext\u2122 Control V2 - SEVD-2021-285-05 CSAF Version",
        "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-285-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=sevd-2021-285-05.json"
      },
      {
        "category": "external",
        "summary": "Recommended Cybersecurity Best Practices",
        "url": "https://www.se.com/us/en/download/document/7EN52-0390/"
      }
    ],
    "title": "Conext\u2122 Advisor \u0026 Conext\u2122 Control V2",
    "tracking": {
      "current_release_date": "2021-10-12T00:00:00.000Z",
      "generator": {
        "date": "2021-10-12T00:00:00.00Z",
        "engine": {
          "name": "Schneider Electric CSAF Generator",
          "version": "1.2"
        }
      },
      "id": "SEVD-2021-285-05",
      "initial_release_date": "2021-10-12T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2021-10-12T00:00:00.000Z",
          "number": "1.0.0",
          "summary": "Original Release"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=2.02",
                "product": {
                  "name": "Schneider Electric Conext\u2122 Advisor 2 Cloud 2.02 and below",
                  "product_id": "1"
                }
              }
            ],
            "category": "product_name",
            "name": "Conext\u2122 Advisor 2 Cloud"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=1.28.45",
                "product": {
                  "name": "Schneider Electric Conext\u2122 Advisor 2 Gateway 1.28.45 and below",
                  "product_id": "2"
                }
              }
            ],
            "category": "product_name",
            "name": "Conext\u2122 Advisor 2 Gateway"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=2.6",
                "product": {
                  "name": "Schneider Electric Conext\u2122 Control V2 Gateway 2.6 and below",
                  "product_id": "3"
                }
              }
            ],
            "category": "product_name",
            "name": "Conext\u2122 Control V2 Gateway"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "10",
                "product": {
                  "name": "Schneider Electric Microsoft Windows 10",
                  "product_id": "4"
                }
              }
            ],
            "category": "product_name",
            "name": "Microsoft Windows"
          }
        ],
        "category": "vendor",
        "name": "Schneider Electric"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-11135",
      "notes": [
        {
          "category": "description",
          "text": "TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.",
          "title": "CVE Description"
        }
      ],
      "product_status": {
        "fixed": [
          "4"
        ],
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Version Windows 10 of the Microsoft Windows includes a fix for this vulnerability and is available for download here:\r\n\u2022 https://www.microsoft.com/en-in/software-download/windows10\r\n\u2022 Reboot is required",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "restart_required": {
            "category": "system"
          },
          "url": "https://www.microsoft.com/en-in/software-download/windows10"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2019-11135"
    },
    {
      "cve": "CVE-2020-0601",
      "notes": [
        {
          "category": "description",
          "text": "A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka \u0027Windows CryptoAPI Spoofing Vulnerability\u0027.",
          "title": "CVE Description"
        }
      ],
      "product_status": {
        "fixed": [
          "4"
        ],
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Version Windows 10 of the Microsoft Windows includes a fix for this vulnerability and is available for download here:\r\n\u2022 https://www.microsoft.com/en-in/software-download/windows10\r\n\u2022 Reboot is required",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "restart_required": {
            "category": "system"
          },
          "url": "https://www.microsoft.com/en-in/software-download/windows10"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 8.1,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 8.1,
            "temporalSeverity": "HIGH",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2020-0601"
    },
    {
      "cve": "CVE-2020-0609",
      "notes": [
        {
          "category": "description",
          "text": "A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2020-0610.",
          "title": "CVE Description"
        }
      ],
      "product_status": {
        "fixed": [
          "4"
        ],
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Version Windows 10 of the Microsoft Windows includes a fix for this vulnerability and is available for download here:\r\n\u2022 https://www.microsoft.com/en-in/software-download/windows10\r\n\u2022 Reboot is required",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "restart_required": {
            "category": "system"
          },
          "url": "https://www.microsoft.com/en-in/software-download/windows10"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2020-0609"
    },
    {
      "cve": "CVE-2020-0610",
      "notes": [
        {
          "category": "description",
          "text": "A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2020-0609.",
          "title": "CVE Description"
        }
      ],
      "product_status": {
        "fixed": [
          "4"
        ],
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Version Windows 10 of the Microsoft Windows includes a fix for this vulnerability and is available for download here:\r\n\u2022 https://www.microsoft.com/en-in/software-download/windows10\r\n\u2022 Reboot is required",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "restart_required": {
            "category": "system"
          },
          "url": "https://www.microsoft.com/en-in/software-download/windows10"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2020-0610"
    },
    {
      "cve": "CVE-2020-0796",
      "notes": [
        {
          "category": "description",
          "text": "A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka \u0027Windows SMBv3 Client/Server Remote Code Execution Vulnerability\u0027.",
          "title": "CVE Description"
        }
      ],
      "product_status": {
        "fixed": [
          "4"
        ],
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Version Windows 10 of the Microsoft Windows includes a fix for this vulnerability and is available for download here:\r\n\u2022 https://www.microsoft.com/en-in/software-download/windows10\r\n\u2022 Reboot is required",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "restart_required": {
            "category": "system"
          },
          "url": "https://www.microsoft.com/en-in/software-download/windows10"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2020-0796"
    },
    {
      "cve": "CVE-2020-0938",
      "notes": [
        {
          "category": "description",
          "text": "A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka \u0027Adobe Font Manager Library Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2020-1020.",
          "title": "CVE Description"
        }
      ],
      "product_status": {
        "fixed": [
          "4"
        ],
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Version Windows 10 of the Microsoft Windows includes a fix for this vulnerability and is available for download here:\r\n\u2022 https://www.microsoft.com/en-in/software-download/windows10\r\n\u2022 Reboot is required",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "restart_required": {
            "category": "system"
          },
          "url": "https://www.microsoft.com/en-in/software-download/windows10"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2020-0938"
    },
    {
      "cve": "CVE-2020-1020",
      "notes": [
        {
          "category": "description",
          "text": "A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka \u0027Adobe Font Manager Library Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2020-0938.",
          "title": "CVE Description"
        }
      ],
      "product_status": {
        "fixed": [
          "4"
        ],
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Version Windows 10 of the Microsoft Windows includes a fix for this vulnerability and is available for download here:\r\n\u2022 https://www.microsoft.com/en-in/software-download/windows10\r\n\u2022 Reboot is required",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "restart_required": {
            "category": "system"
          },
          "url": "https://www.microsoft.com/en-in/software-download/windows10"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.8,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.8,
            "temporalSeverity": "HIGH",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2020-1020"
    },
    {
      "cve": "CVE-2020-1350",
      "notes": [
        {
          "category": "description",
          "text": "A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka \u0027Windows DNS Server Remote Code Execution Vulnerability\u0027.",
          "title": "CVE Description"
        }
      ],
      "product_status": {
        "fixed": [
          "4"
        ],
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Version Windows 10 of the Microsoft Windows includes a fix for this vulnerability and is available for download here:\r\n\u2022 https://www.microsoft.com/en-in/software-download/windows10\r\n\u2022 Reboot is required",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "restart_required": {
            "category": "system"
          },
          "url": "https://www.microsoft.com/en-in/software-download/windows10"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2020-1350"
    },
    {
      "cve": "CVE-2020-1472",
      "notes": [
        {
          "category": "description",
          "text": "An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka \u0027Netlogon Elevation of Privilege Vulnerability\u0027.",
          "title": "CVE Description"
        }
      ],
      "product_status": {
        "fixed": [
          "4"
        ],
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Version Windows 10 of the Microsoft Windows includes a fix for this vulnerability and is available for download here:\r\n\u2022 https://www.microsoft.com/en-in/software-download/windows10\r\n\u2022 Reboot is required",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "restart_required": {
            "category": "system"
          },
          "url": "https://www.microsoft.com/en-in/software-download/windows10"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2020-1472"
    },
    {
      "cve": "CVE-2019-0803",
      "notes": [
        {
          "category": "description",
          "text": "An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka \u0027Win32k Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859.",
          "title": "CVE Description"
        }
      ],
      "product_status": {
        "fixed": [
          "4"
        ],
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Version Windows 10 of the Microsoft Windows includes a fix for this vulnerability and is available for download here:\r\n\u2022 https://www.microsoft.com/en-in/software-download/windows10\r\n\u2022 Reboot is required",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "restart_required": {
            "category": "system"
          },
          "url": "https://www.microsoft.com/en-in/software-download/windows10"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.8,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 7.8,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2019-0803"
    },
    {
      "cve": "CVE-2019-1040",
      "notes": [
        {
          "category": "description",
          "text": "A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection, aka \u0027Windows NTLM Tampering Vulnerability\u0027.",
          "title": "CVE Description"
        }
      ],
      "product_status": {
        "fixed": [
          "4"
        ],
        "known_affected": [
          "1",
          "2",
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Version Windows 10 of the Microsoft Windows includes a fix for this vulnerability and is available for download here:\r\n\u2022 https://www.microsoft.com/en-in/software-download/windows10\r\n\u2022 Reboot is required",
          "product_ids": [
            "1",
            "2",
            "3"
          ],
          "restart_required": {
            "category": "system"
          },
          "url": "https://www.microsoft.com/en-in/software-download/windows10"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 5.9,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.9,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "1",
            "2",
            "3"
          ]
        }
      ],
      "title": "CVE-2019-1040"
    }
  ]
}

tid-316

Vulnerability from emb3d

Type

application-software

Link

Show details on source website

Description

Certificate-based authentication depends on the correct parsing and validation of an X.509 certificate. However, if the certificate is not properly parsed and all fields are not validated, a threat actor could potentially bypass authentication using a fraudulent certificate.

CWE

CWE-295: Improper Certificate Validation

GHSA-82JC-CV6X-R223

Vulnerability from github – Published: 2022-05-24 17:06 – Updated: 2025-10-22 00:31

Details

Severity ?

8.1 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-0601"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-01-14T23:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka \u0027Windows CryptoAPI Spoofing Vulnerability\u0027.",
  "id": "GHSA-82jc-cv6x-r223",
  "modified": "2025-10-22T00:31:49Z",
  "published": "2022-05-24T17:06:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0601"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0601"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/155960/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/155961/CurveBall-Microsoft-Windows-CryptoAPI-Spoofing-Proof-Of-Concept.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-0601 (GCVE-0-2020-0601)

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Vendor Report Successful Exploitation Confidence: 80% Source: cisa-kev

Details

References

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Vulnerability from bitnami_vulndb

Vulnerability from emb3d

Tags

Sightings

Nomenclature