CVE CVE-2020-0601 Mappings

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.


Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2020-0601 Windows uncategorized T1203 Exploitation for Client Execution
CVE-2020-0601 Windows uncategorized T1190 Exploit Public-Facing Application