Описание
PFX Encryption Security Feature Bypass Vulnerability
FAQ
What kind of security feature could be bypassed by successfully exploiting this vulnerability?
When exporting a SID-protected PFX file, keys encrypted using AES are not properly protected. Any SID-protected PFX files using AES for key encryption should be regenerated and exported after this update is installed.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows 10 Version 1803 for 32-bit Systems | ||
| Windows 10 Version 1803 for x64-based Systems | ||
| Windows 10 Version 1803 for ARM64-based Systems | ||
| Windows 10 Version 1809 for 32-bit Systems | ||
| Windows 10 Version 1809 for x64-based Systems | ||
| Windows 10 Version 1809 for ARM64-based Systems | ||
| Windows Server 2019 | ||
| Windows Server 2019 (Server Core installation) | ||
| Windows 10 Version 1909 for 32-bit Systems | ||
| Windows 10 Version 1909 for x64-based Systems |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
PFX Encryption Security Feature Bypass Vulnerability
Уязвимость реализации технологии криптографии PFX (PKCS#12 - Public-Key Cryptography Standards) операционных систем Microsoft Windows, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
5.5 Medium
CVSS3