Exploit for #VU28557 Man-in-the-Middle (MitM) attack in GnuTLS

Cybersecurity Help s.r.o.

Published: 2020-06-10 | Updated: 2020-07-15

Vulnerability identifier: #VU28557

Vulnerability risk: Medium

CVSSv4.0: 2.1 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2020-13777

CWE-ID: CWE-300

Exploitation vector: Local network

Exploits in database: 3

July 15, 2020
- PoC_TLS1_3_CVE-2020-13777 () [Github]
June 19, 2020
- challenge_CVE-2020-13777 (Challange CVE-2020-13777 ) [Github]
June 10, 2020
- cve-2020-13777 (Zeek script to detect servers vulnerable to CVE-2020-13777) [Github]

Vulnerable software:
GnuTLS
Universal components / Libraries / Libraries used by multiple products

Vendor: GnuTLS