Exploit for #VU24254 Spoofing attack in Windows and Windows Server

Vulnerability identifier: #VU24254

Vulnerability risk: High

CVSSv4.0: 8.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2020-0601

CWE-ID: CWE-451

Exploitation vector: Network

Exploits in database: 38

• May 7, 2023
  • -Awesome-CVE-2020-0601- (2017-0021) [Github]
• April 12, 2021
  • CVE-2020-0601 (PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll) POC: https://github.com/ollypwn/CurveBall) [Github]
• March 30, 2021
  • CurveBall-CVE-2020-0601-PoC () [Github]
• March 14, 2021
  • CVE-2020-0601-spoofkey () [Github]
• June 3, 2020
  • CVE-2018-20250-WinRAR [Github]
  • Windows10_Cumulative_Updates_PowerShell (Powershell to patch CVE-2020-0601 . Complete security rollup for Windows 10 1507-1909) [Github]
  • CurveBall (CVE-2020-0601: Windows CryptoAPI Vulnerability. (CurveBall/ChainOfFools)) [Github]
  • CurveBall (PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll)) [Github]
  • gringotts (proof of concept for CVE-2020-0601) [Github]
  • Awesome-CVE-2020-0601 ( [Github]
  • CVE-2020-0601 (PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll) POC: https://github.com/ollypwn/CurveBall) [Github]
  • CurveBallDetection (Resources related to CurveBall (CVE-2020-0601) detection) [Github]
  • CVE-2020-0601 (Curated list of CVE-2020-0601 resources) [Github]
  • CurveballCertTool (PoC for CVE-2020-0601 vulnerability (Code Signing)) [Github]
  • []
  • CVE-2020-0601-EXP (这资源是作者复现微软签字证书漏洞CVE-2020-0601，结合相关资源及文章实现。推荐大家结合作者博客，理解ECC算法、Windows验证机制，并尝试自己复现可执行文件签名证书和HTTPS劫持的例子。作为网络安全初学者，自己确实很菜，但希望坚持下去，加油！) [Github]
  • PoC_CurveBall (PoC for "CurveBall" CVE-2020-0601) [Github]
  • cve-2020-0601_poc (CVE-2020-0601 proof of concept) [Github]
  • CVE-2020-0601-spoofkey () [Github]
  • curveball (CVE-2020-0601 #curveball - Alternative Key Calculator) [Github]
  • CVE-2020-0601 () [Github]
  • cve-2020-0601-Perl (Perl version of recently published scripts to build ECC certificates with specific parameters re CVE-2020-0601) [Github]
  • CVE-2020-0601 () [Github]
  • CVE-2020-0601 () [Github]
  • CVE-2020-0601 () [Github]
• April 7, 2020
  • cve-2020-0601 (Zeek package to detect CVE-2020-0601) [Github]
  • cve-2020-0601-utils (C++ based utility to check if certificates are trying to exploit CVE-2020-0601) [Github]
• March 24, 2020
  • Curveball (PoC for CVE-2020-0601 - CryptoAPI exploit) [Github]
• March 18, 2020
  • meetup-2-curveball (Materials for the second Rijeka secuity meetup. We will be discussing Microsoft cryptoapi vulnerability dubbed CurveBall (CVE-2020-0601)) [Github]
  • curveball_lua (Repo containing lua scripts and PCAP to find CVE-2020-0601 exploit attempts via network traffic) [Github]
  • CVE-2020-0601 (Remote Code Execution Exploit ) [Github]
  • twoplustwo (Implementing CVE-2020-0601) [Github]
  • chainoffools (A PoC for CVE-2020-0601) [Github]
  • # CVE-2020-0601-spoofkey [Github]
  • badecparams (Proof of Concept for CVE-2020-0601) [Github]
  • CVE-2020-0601 (CurveBall CVE exploitation) [Github]
  • -CVE-2020-0601-ECC---EXPLOIT (CurveBall (CVE-2020-0601) - PoC CVE-2020-0601, or commonly referred to as CurveBall, is a vulnerability in which the signature of certificates using elliptic curve cryptography (ECC) is not correctly verified. Attackers ca [Github]
  • CVE-2020-0601 (A Windows Crypto Exploit) [Github]

Vulnerable software:
Windows
Operating systems & Components / Operating system
Windows Server
Operating systems & Components / Operating system

Vendor: Microsoft