CVE-2022-34689

Name of the Vulnerable Software and Affected Versions Windows CryptoAPI (affected versions not specified)

Description The issue is related to a spoofing vulnerability in the Windows CryptoAPI, which can be exploited to bypass authentication. This vulnerability allows an attacker to conduct spoofing attacks, potentially enabling them to manipulate certificates, including x.509 certificates, and exploit MD5 collisions. The vulnerability was discovered by the NSA and the UK's NCSC. It is estimated that a significant number of data center systems and applications based on Windows remain vulnerable. The vulnerability can be used to digitally sign malicious executable files, making them appear as if they come from trusted sources. A proof-of-concept exploit has been released, demonstrating the vulnerability's potential impact, including the ability to conduct MITM attacks and make a browser believe it is communicating with a legitimate HTTPS server when it is actually interacting with a malicious fake.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.