CAPEC-475: Signature Spoofing by Improper Validation

An adversary exploits a cryptographic weakness in the signature verification algorithm implementation to generate a valid signature without knowing the key.

High

Typical severity

Per MITRE

Low

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Detailed

Abstraction

MITRE classification

Overview

Signature verification algorithms are generally used to determine whether a certificate or piece of code (e.g. executable, binary, etc.) possesses a valid signature and can be trusted. If the leveraged algorithm confirms that a valid signature exists, it establishes a foundation of trust that is further conveyed to the end-user when interacting with a website or application. However, if the signature verification algorithm improperly validates the signature, either by not validating the signature at all or by failing to fully validate the signature, it could result in an adversary generating a spoofed signature and being classified as a legitimate entity. Successfully exploiting such a weakness could further allow the adversary to reroute users to malicious sites, steals files, activates microphones, records keystrokes and passwords, wipes disks, installs malware, and more.

CAPEC-475: Signature Spoofing by Improper Validation

Overview

What the attacker needs

Prerequisites

Skills required

How to mitigate it

Examples

Frequently asked questions

What is CAPEC-475?

How do you prevent CAPEC-475?

What weaknesses does CAPEC-475 target?

How severe is CAPEC-475?

References

Defend against CAPEC-475

Overview

What the attacker needs

Prerequisites

Skills required

How to mitigate it

Examples

Related weaknesses

Related attack patterns

Parent

Can precede

Frequently asked questions

What is CAPEC-475?

How do you prevent CAPEC-475?

What weaknesses does CAPEC-475 target?

How severe is CAPEC-475?

References

Defend against CAPEC-475