This paper aims to explain the CVE-2020-0601, referred to as CurveBall, which is a web browser security vulnerability in which the signature of certificates is not correctly verified. The exploit targets Microsoft CryptoAPI, the program library that handles cryptographic functions for the Windows 10 operating system. The vulnerability affects the following famous browsers: Internet Explorer, Microsoft Edge, and Google Chrome.
- Understanding the spoofing vulnerability while validating the Elliptic Curve Cryptography (ECC) certificates
- Taking a look at the severity of the vulnerability
- Understanding the attack scenario and setting up the lab for exploitation.
- Exploiting the vulnerability and learning how to mitigate it