Overview#

CryptoAPI (also known variously as Crypt32.dll, Microsoft Cryptography API, MS-CAPI or simply CAPI) is a Microsoft Windows API provides Cryptosystem services that enable developers to secure Windows-based applications using cryptography, and includes functionality for Encryption and Decryption data using digital certificates.

CryptoAPI uses the crypt32.dll which is a Microsoft Windows Software library that "certificate and cryptographic Message functions.

CryptoAPI was first introduced in Windows NT 4.0

CVE-2020-0601 (aka CurveBall)#

At a high level, this vulnerability takes advantage of the fact that Crypt32.dll fails to properly check that the Elliptic Curve parameters specified in a provided Root Certificate match those known to Microsoft.

This is considered a spoofing vulnerability that exists in the way Microsoft Windows CryptoAPI (Crypt32.dll) validates Digitally Signed messages on Elliptic Curve Cryptography (ECC). There are at least two instances demonstrated where an attacker could exploit the vulnerability:

• by using a spoofed code-signing certificate to sign a malicious executable
• the attacker to conduct Man-In-The-Middle attacks and decrypt confidential information on user connections to the affected software.

In both of these it appears the Digitally Signed file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.

You should also examine their Windows Event Log for instances of the new CveEventWrite event, which indicates active exploitation of the vulnerability in an environment

The vulnerability exists in these products:

• Windows 10 (all build numbers)
• Windows Server 2016
• Windows Server 2019

Older versions of Windows are not affected.

As of Jan. 15, 2020, this vulnerability is known to be exploited in the wild and the Attack Effort is considered low. The first proof-of-concept "fake ID generators" are out – a Python program of 53 lines, and a Ruby script of just 21 and they really are sitting there for anyone to use for free.

Visit https://curveballtest.com to test if your browser is vulnerable

More Information#

There might be more information for this subject on one of the following:

• CALG_RC4
• Crypt32.dll
• Web Blog_blogentry_170120_1

---

• [#1] - Microsoft_CryptoAPI - based on information obtained 2020-01-23
• [#2] - Cryptic Rumblings Ahead of First 2020 Patch Tuesday - based on information obtained 2020-01-17
• [#3] - Patch Critical Cryptographic Vulnerability in Microsoft Windows Clients and Servers - based on information obtained 2020-01-17
• [#4] - CVE-2020-0601 - Windows CryptoAPI Spoofing Vulnerability - based on information obtained 2020-01-17
• [#5] - CVE-2020-0601 Detail - based on information obtained 2020-01-23
• [#6] - Win10 Crypto Vulnerability: Cheating in Elliptic Curve Billiards 2 - based on information obtained 2020-01-23
• [#7] - CurveBall’s Additional Twist: The Certificate Comparison Bug - based on information obtained 2020-01-23
• [#8] - NSA and Github ‘rickrolled’ using Windows CryptoAPI bug - based on information obtained 2020-01-23
• [#2] - CVE-2020-0601 Followup - based on information obtained 2020-01-23