Critical Vulnerability Information

1. CVE-2025-51726: SHA-1 Weak Hash and Signature Bypass

Issue Description:
- By exploiting the SHA-1 weak hash and signature bypass vulnerability, attackers can create certificates and signatures that appear legitimate, deceiving users into installing malicious software.
- Attackers used a self-signed certificate (forged CyberGhost certificate) to generate a fake CA and SHA-1 certificate, which was then used to sign a forged executable file.

Technical Details:
- Generated a fake CA and SHA-1 certificate using OpenSSL.
- Signed a forged executable file, causing it to display as "Signed" in Windows.
- Passed SmartScreen validation, demonstrating that the forged certificate is effective.

Risk:
- Users may mistakenly believe they are installing software from a trusted vendor (such as CyberGhost) when in fact it is malware.
- Particularly dangerous in supply chain attacks and APT-level scenarios, especially in environments that do not enforce strict certificate validation or SmartScreen policies.

2. CVE-2015: Missing High-Entropy ASLR – Predictable Memory Layout

Issue Description:
- Because high-entropy ASLR is absent, the memory layout becomes predictable, increasing the success rate of memory corruption attacks such as ROP (Return-Oriented Programming).

Technical Details:
- Using WinDbg, multiple runs of CyberGhostVPNSetup.exe showed the binary consistently loaded at low memory addresses (e.g., 0x00400000).
- With high-entropy ASLR enabled, the binary should load into a highly randomized address space (e.g., 0x00007FF6F0000000), but this did not occur in practice.

Risk:
- Attackers can predict the memory layout, increasing the success rate of memory corruption attacks.

Combined Risk:
- These two weaknesses together create a dangerous scenario: trust bypass combined with a predictable memory layout.
- Attackers can leverage these vulnerabilities to perform more effective memory corruption attacks, significantly increasing attack success rates.

Evidence:
- Screenshots were provided showing the creation and signing of the forged SHA-1 certificate, as well as WinDbg output displaying low, non-randomized base addresses.

Conclusion:
- This is not merely a theoretical vulnerability but a real-world exploitable condition that can be directly demonstrated via PoC.
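The ASLR finding above can be checked statically rather than by repeated WinDbg runs: the PE optional header carries the DYNAMIC_BASE and HIGH_ENTROPY_VA bits in DllCharacteristics, and HIGH_ENTROPY_VA only takes effect for 64-bit (PE32+) images. The following is an added example written for this page, not code from the report or from CyberGhost; it builds two constructed minimal PE headers (one at the fixed 0x00400000 base the report observed, one hardened) and inspects them.

```python
import struct

# DllCharacteristics bits from winnt.h
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA = 0x0020
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040


def aslr_status(data: bytes) -> dict:
    """Parse a PE image's optional header and report its ASLR-related flags."""
    if data[:2] != b"MZ":
        raise ValueError("not a PE file (missing MZ header)")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file (missing PE signature)")
    opt = e_lfanew + 4 + 20          # optional header follows the 20-byte COFF header
    magic = struct.unpack_from("<H", data, opt)[0]
    pe32plus = magic == 0x20B
    if pe32plus:
        image_base = struct.unpack_from("<Q", data, opt + 24)[0]
    elif magic == 0x10B:
        image_base = struct.unpack_from("<I", data, opt + 28)[0]
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32 and PE32+
    dynamic_base = bool(dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE)
    high_entropy = bool(dll_chars & IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA)
    return {
        "pe32plus": pe32plus, "image_base": image_base,
        "dynamic_base": dynamic_base, "high_entropy_va": high_entropy,
        # 64-bit images need both bits; 32-bit images can only get DYNAMIC_BASE.
        "full_aslr": dynamic_base and (high_entropy if pe32plus else True),
    }


def build_header(pe32plus: bool, image_base: int, dll_chars: int) -> bytes:
    """Construct a minimal header-only PE image (test input, not a real binary)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)        # e_lfanew: PE header right after DOS header
    opt_size = 240 if pe32plus else 224
    coff = struct.pack("<HHIIIHH", 0x8664 if pe32plus else 0x14C, 0, 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x20B if pe32plus else 0x10B)
    struct.pack_into("<Q" if pe32plus else "<I", opt, 24 if pe32plus else 28, image_base)
    struct.pack_into("<H", opt, 70, dll_chars)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)


# Constructed samples: fixed 32-bit base as observed in the report, and a hardened 64-bit image.
WEAK = build_header(False, 0x00400000, 0)
HARDENED = build_header(True, 0x140000000,
                        IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE | IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA)
```

Run `aslr_status(open(path, "rb").read())` against a real installer to get the same report; a result with `full_aslr` False is what the WinDbg observation above corresponds to.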