CAPEC-475 Details

CAPEC-475

Signature Spoofing by Improper Validation
Low
High
Draft
2014-06-23 00h00 +00:00
2022-02-22 00h00 +00:00

CAPEC Descriptions

An adversary exploits a cryptographic weakness in the signature verification algorithm implementation to generate a valid signature without knowing the key.

CAPEC Information

Prerequisites

Recipient is using a weak cryptographic signature verification algorithm or a weak implementation of a cryptographic signature verification algorithm, or the configuration of the recipient's application accepts the use of keys generated using cryptographically weak signature verification algorithms.

Skills Required

Cryptanalysis of signature verification algorithm
Reverse engineering and cryptanalysis of signature verification algorithm implementation

Mitigations

Use programs and products that contain cryptographic elements that have been thoroughly tested for flaws in the signature verification routines.

Related Vulnerabilities

CWE-ID: Vulnerability name

CWE-347: Improper Verification of Cryptographic Signature
The product does not verify, or incorrectly verifies, the cryptographic signature for data.

CWE-327: Use of a Broken or Risky Cryptographic Algorithm
The product uses a broken or risky cryptographic algorithm or protocol.

CWE-295: Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.

References

REF-562

Microsoft's Chain of Fools
Kenn White.
https://blog.lessonslearned.org/chain-of-fools/

REF-563

Patch Critical Cryptographic Vulnerability in Microsoft Windows Clients and Servers
https://media.defense.gov/2020/Jan/14/2002234275/-1/-1/0/CSA-WINDOWS-10-CRYPT-LIB-20190114.PDF

REF-564

Analysis of REF-563
Thomas Ptacek, Thomas Pornin.
https://news.ycombinator.com/item?id=22048619

Submission

Name | Organization | Date | Release date
CAPEC Content Team | The MITRE Corporation | 2014-06-23 +00:00 |

Modifications

Name | Organization | Date | Comment
CAPEC Content Team | The MITRE Corporation | 2017-05-01 +00:00 | Updated Related_Attack_Patterns
CAPEC Content Team | The MITRE Corporation | 2019-04-04 +00:00 | Updated Related_Weaknesses
CAPEC Content Team | The MITRE Corporation | 2019-09-30 +00:00 | Updated Example_Instances, References, Related_Attack_Patterns, Related_Weaknesses
CAPEC Content Team | The MITRE Corporation | 2020-07-30 +00:00 | Updated Description, Example_Instances
CAPEC Content Team | The MITRE Corporation | 2022-02-22 +00:00 | Updated Description, Example_Instances, Extended_Description