Akamai researchers have published a PoC exploit for a critical vulnerability (CVE-2022-34689) in Windows CryptoAPI, which validates public key certificates. “An attacker could manipulate an existing public x.509 certificate to spoof their identity and perform actions such as authentication or code signing as the targeted certificate,” Microsoft said in October 2022, when they announced fixes for vulnerable Windows and Windows Server versions. The vulnerability was actually patched in August 2022, but its existence only revealed … More
The post Researchers release PoC exploit for critical Windows CryptoAPI bug (CVE-2022-34689) appeared first on Help Net Security.
This article has been indexed from Help Net Security
Read the original article: