Researchers Pioneer PoC Exploit for NSA-Reported Bug in Windows CryptoAPI

Proof-of-Concept Attack for CVE-2022-34689Researchers at Akamai who have been analyzing the vulnerability for the past several months this week released details of an attack they developed for it, which they said would allow attackers to spoof the target certificate and masquerade as any website, with the ability to take a variety of malicious actions. Once the application had verified the certificate and stored it in its end certificate cache, Akamai showed how an attacker could then use a man-in-the-middle attack to serve the second malicious certificate to the same application and have it be verified as authentic. Researchers have developed a proof-of-concept (PoC) exploit for a public x.509 certificate-spoofing vulnerability in the Windows CryptoAPI that the NSA and the National Cyber Security Center (NCSC) reported to Microsoft last year.