Blog, General, News

CVE-2020-0601 Security Advice from Edgescan

Windows CVE-2020-0601?

This blog explains CVE-2020-0601, how to identify if you are vulnerable and what, if anything, you need to do.

 

What is it?

A man-in-the-middle/spoofing vulnerability exists in Windows 10, Windows Server 2016/2019 – when an authenticated attacker is on the target system, they can use a spoofed code-signing certificate to sign malicious executables making the file appear as if it’s from a trusted source. This vulnerability is post-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could conduct man-in-the-middle attacks and decrypt encrypted traffic such as traffic sent over the encrypted protocol of HTTPS. To exploit this vulnerability, an attacker would need to be authenticated to the device.

 

Should I be worried? 
You may be vulnerable if you have unpatched Windows machines running Windows 10 or Windows Server 2016/2019.

 

What do I need to do?

Currently, there is no safe PoC for testing assets. Once a PoC is developed or available in the wild, Edgescan clients will be notified as soon as possible, if they are vulnerable. 

You should also check your patching as per for Windows 10 or Windows Server 2016/2019:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601

 


Here for CVE advisory:

https://nvd.nist.gov/vuln/detail/CVE-2020-0601

 

Here for the NSA advisory:

https://media.defense.gov/2020/Jan/14/2002234275/-1/-1/0/CSA-WINDOWS-10-CRYPT-LIB-20190114.PDF

 

If you have any concerns please reach out to the Edgescan Team.

 

Take this opportunity to download the edgescan 2019 Vulnerability Stats Report.

 

Posted January 15, 2020 in NEWS

Theo

theo.g@edgescan.com

Marketing Executive of Edgescan

Recent News

Edgescan Company Day & Awards
Sep 9, 2022

Edgescan Company Day & Awards

Keeping Your Wizards: Onboarding and Retaining Cybersecurity Staff
Aug 24, 2022

Keeping Your Wizards: Onboarding and Retaining Cybersecurity Staff

Transforming the Vulnerability Management Function
Aug 17, 2022

Transforming the Vulnerability Management Function