CVE-2020-0601
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-0601
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft Windows CryptoAPI 信任管理问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft Windows CryptoAPI是美国微软(Microsoft)公司的一个在Windows 操作系统中添加的密码编译机能。作为资料加密与解密功能的重要基础,CryptoAPI 支持同步,异步的密钥加密处理,以及操作系统中的数字证书 的管理工作。 Microsoft Windows CryptoAPI (Crypt32.dll)中验证椭圆曲线加密(ECC)证书的方法存在信任管理问题漏洞。攻击者可通过使用欺骗性的代码签名证书利用该漏洞签名恶意的可执行文件。以下产品及版本受到影响:Micr
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Microsoft | Windows | 10 Version 1803 for 32-bit Systems | - | |
| Microsoft | Windows Server | version 1803 (Core Installation) | - | |
| Microsoft | Windows 10 Version 1903 for 32-bit Systems | unspecified | - | |
| Microsoft | Windows 10 Version 1903 for x64-based Systems | unspecified | - | |
| Microsoft | Windows 10 Version 1903 for ARM64-based Systems | unspecified | - | |
| Microsoft | Windows Server, version 1903 (Server Core installation) | unspecified | - | |
| Microsoft | Windows 10 Version 1909 for 32-bit Systems | unspecified | - | |
| Microsoft | Windows 10 Version 1909 for x64-based Systems | unspecified | - | |
| Microsoft | Windows Server, version 1909 (Server Core installation) | unspecified | - | |
| Microsoft | Windows 10 Version 1909 for ARM64-based Systems | unspecified | - |
II. Public POCs for CVE-2020-0601
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Remote Code Execution Exploit | https://github.com/nissan-sudo/CVE-2020-0601 | POC Details |
| 2 | Zeek package to detect CVE-2020-0601 | https://github.com/0xxon/cve-2020-0601 | POC Details |
| 3 | A Windows Crypto Exploit | https://github.com/SherlockSec/CVE-2020-0601 | POC Details |
| 4 | None | https://github.com/JPurrier/CVE-2020-0601 | POC Details |
| 5 | Zeek package that uses OpenSSL to detect CVE-2020-0601 exploit attempts | https://github.com/0xxon/cve-2020-0601-plugin | POC Details |
| 6 | PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll) | https://github.com/ly4k/CurveBall | POC Details |
| 7 | A PoC for CVE-2020-0601 | https://github.com/kudelskisecurity/chainoffools | POC Details |
| 8 | 😂An awesome curated list of repos for CVE-2020-0601. | https://github.com/RrUZi/Awesome-CVE-2020-0601 | POC Details |
| 9 | Curated list of CVE-2020-0601 resources | https://github.com/BlueTeamSteve/CVE-2020-0601 | POC Details |
| 10 | Proof of Concept for CVE-2020-0601 | https://github.com/saleemrashid/badecparams | POC Details |
| 11 | C++ based utility to check if certificates are trying to exploit CVE-2020-0601 | https://github.com/0xxon/cve-2020-0601-utils | POC Details |
| 12 | Powershell to patch CVE-2020-0601 . Complete security rollup for Windows 10 1507-1909 | https://github.com/Doug-Moody/Windows10_Cumulative_Updates_PowerShell | POC Details |
| 13 | None | https://github.com/MarkusZehnle/CVE-2020-0601 | POC Details |
| 14 | CurveBall CVE exploitation | https://github.com/YoannDqr/CVE-2020-0601 | POC Details |
| 15 | Perl version of recently published scripts to build ECC certificates with specific parameters re CVE-2020-0601 | https://github.com/thimelp/cve-2020-0601-Perl | POC Details |
| 16 | Repo containing lua scripts and PCAP to find CVE-2020-0601 exploit attempts via network traffic | https://github.com/dlee35/curveball_lua | POC Details |
| 17 | CurveBall (CVE-2020-0601) - PoC CVE-2020-0601, or commonly referred to as CurveBall, is a vulnerability in which the signature of certificates using elliptic curve cryptography (ECC) is not correctly verified. Attackers can supply hand-rolled generators, bypassing validation, antivirus & all non-protections. | https://github.com/IIICTECH/-CVE-2020-0601-ECC---EXPLOIT | POC Details |
| 18 | None | https://github.com/Ash112121/CVE-2020-0601 | POC Details |
| 19 | CVE-2020-0601 #curveball - Alternative Key Calculator | https://github.com/gentilkiwi/curveball | POC Details |
| 20 | CVE-2020-0601: Windows CryptoAPI Vulnerability. (CurveBall/ChainOfFools) | https://github.com/Hans-MartinHannibalLauridsen/CurveBall | POC Details |
| 21 | PoC for "CurveBall" CVE-2020-0601 | https://github.com/apodlosky/PoC_CurveBall | POC Details |
| 22 | PoC for CVE-2020-0601 - CryptoAPI exploit | https://github.com/ioncodes/Curveball | POC Details |
| 23 | proof of concept for CVE-2020-0601 | https://github.com/amlweems/gringotts | POC Details |
| 24 | PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll) POC: https://github.com/ollypwn/CurveBall | https://github.com/yanghaoi/CVE-2020-0601 | POC Details |
| 25 | Resources related to CurveBall (CVE-2020-0601) detection | https://github.com/talbeerysec/CurveBallDetection | POC Details |
| 26 | PoC for CVE-2020-0601 vulnerability (Code Signing) | https://github.com/david4599/CurveballCertTool | POC Details |
| 27 | 这资源是作者复现微软签字证书漏洞CVE-2020-0601,结合相关资源及文章实现。推荐大家结合作者博客,理解ECC算法、Windows验证机制,并尝试自己复现可执行文件签名证书和HTTPS劫持的例子。作为网络安全初学者,自己确实很菜,但希望坚持下去,加油! | https://github.com/eastmountyxz/CVE-2020-0601-EXP | POC Details |
| 28 | 这资源是作者复现微软签字证书漏洞CVE-2020-0601,结合相关资源及文章实现。推荐大家结合作者博客,复现了该漏洞和理解恶意软件自启动劫持原理。作为网络安全初学者,自己确实很菜,但希望坚持下去,一起加油! | https://github.com/eastmountyxz/CVE-2018-20250-WinRAR | POC Details |
| 29 | CVE-2020-0601 proof of concept | https://github.com/gremwell/cve-2020-0601_poc | POC Details |
| 30 | Materials for the second Rijeka secuity meetup. We will be discussing Microsoft cryptoapi vulnerability dubbed CurveBall (CVE-2020-0601) | https://github.com/bsides-rijeka/meetup-2-curveball | POC Details |
| 31 | None | https://github.com/exploitblizzard/CVE-2020-0601-spoofkey | POC Details |
| 32 | Implementing CVE-2020-0601 | https://github.com/ShayNehmad/twoplustwo | POC Details |
| 33 | None | https://github.com/okanulkr/CurveBall-CVE-2020-0601-PoC | POC Details |
| 34 | 2017-0021 | https://github.com/cimashiro/-Awesome-CVE-2020-0601- | POC Details |
| 35 | simulation experiment of Curveball (CVE-2020-0601) attacks under ECQV implicit certificates with Windows-like verifiers | https://github.com/tyj956413282/curveball-plus | POC Details |
| 36 | Demonstration of CVE-2020-0601 aka curveball. Based on the PoC's available at https://github.com/kudelskisecurity/chainoffools and https://github.com/ly4k/CurveBall | https://github.com/JoelBts/CVE-2020-0601_PoC | POC Details |
| 37 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E6%93%8D%E4%BD%9C%E7%B3%BB%E7%BB%9F%E6%BC%8F%E6%B4%9E/Windows%20CryptoAPI%20%E6%AC%BA%E9%AA%97%E6%BC%8F%E6%B4%9E%20CVE-2020-0601.md | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-0601
请登录查看更多情报信息。
Same Patch Batch · Microsoft · 2020-01-14 · 49 CVEs total
| CVE-2020-0639 | Microsoft Windows Common Log File System驱动程序信息泄露漏洞 | |
| CVE-2020-0642 | Microsoft Windows和Microsoft Windows Server 资源管理错误漏洞 | |
| CVE-2020-0644 | Microsoft Windows和Microsoft Windows Server 安全漏洞 | |
| CVE-2020-0651 | Microsoft Excel 缓冲区错误漏洞 | |
| CVE-2020-0652 | Microsoft Office 缓冲区错误漏洞 | |
| CVE-2020-0653 | Microsoft Excel 缓冲区错误漏洞 | |
| CVE-2020-0654 | Microsoft OneDrive 安全漏洞 | |
| CVE-2020-0656 | Microsoft Dynamics 365 跨站脚本漏洞 | |
| CVE-2020-0650 | Microsoft Excel 缓冲区错误漏洞 | |
| CVE-2020-0640 | Microsoft Internet Explorer 缓冲区错误漏洞 | |
| CVE-2020-0641 | Microsoft Windows Media Service 安全漏洞 | |
| CVE-2020-0638 | Microsoft Update Notification Manager 安全漏洞 | |
| CVE-2020-0637 | 微软 Microsoft Remote Desktop Web Access 信息泄露漏洞 | |
| CVE-2020-0636 | Microsoft Windows Subsystem for Linux 安全漏洞 | |
| CVE-2020-0635 | Microsoft Windows和Microsoft Windows Server 安全漏洞 | |
| CVE-2020-0634 | Microsoft Windows Common Log File System Driver 安全漏洞 | |
| CVE-2020-0633 | Microsoft Windows Search Indexer 安全漏洞 | |
| CVE-2020-0632 | Microsoft Windows Search Indexer 安全漏洞 | |
| CVE-2020-0631 | Microsoft Windows Search Indexer 安全漏洞 | |
| CVE-2020-0630 | Microsoft Windows Search Indexer 安全漏洞 |
Showing top 20 of 49 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: Microsoft
- CVE-2026-42826
Azure DevOps Information Disclosure Vulnerability - CVE-2026-35428
Azure Cloud Shell Spoofing Vulnerability - CVE-2026-35435
Azure AI Foundry Elevation of Privilege Vulnerability - CVE-2026-34327
Microsoft Partner Center Spoofing Vulnerability - CVE-2026-33844
Azure Managed Instance for Apache Cassandra Remote Code Exec
V. Comments for CVE-2020-0601
No comments yet