Researchers release PoC exploit for critical Windows CryptoAPI bug (CVE-2022-34689)

Akamai researchers have published a PoC exploit for a critical vulnerability (CVE-2022-34689) in Windows CryptoAPI, which validates public key certificates. “An attacker could manipulate an existing public x.509 certificate to spoof their identity and perform actions such as authentication or code signing as the targeted certificate,” Microsoft said in October 2022, when they announced fixes for vulnerable Windows and Windows Server versions. The vulnerability was actually patched in August 2022, but its existence only revealed … More

The post Researchers release PoC exploit for critical Windows CryptoAPI bug (CVE-2022-34689) appeared first on Help Net Security.

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to our Newsletter