uthenticode signature validation bypass vulnerability
CVE-2023-39969

9.1CRITICAL

Key Information:

Vendor

Trailofbits

Status
Uthenticode
Vendor
CVE Published:
9 August 2023

What is CVE-2023-39969?

The uthenticode library, which is designed for partially verifying Authenticode digital signatures, has a vulnerability in version 1.0.9. This version erroneously hashes the entire file instead of specific sections by virtual address, breaching the Authenticode specification. Consequently, an attacker could potentially alter the code within a binary while retaining its Authenticode hash, misleading uthenticode into perceiving the modified binary as valid. This vulnerability does not affect uthenticode versions 2.x or earlier versions prior to 1.0.9. It highlights an unintended design flaw in the signature verification process of uthenticode. Users are strongly recommended to update to the latest versions to mitigate any security risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

uthenticode = 1.0.9

References

https://github.com/trailofbits/uthenticode/security/advis...
x_refsource_CONFIRM
https://github.com/trailofbits/uthenticode/pull/84
x_refsource_MISC
https://github.com/trailofbits/uthenticode/commit/8670b7b...
x_refsource_MISC

CVSS V3.1

Score:
9.1
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.