CAPEC-CAPEC-473 - CERT CVE
Naziv

Signature Spoof

Sažetak An attacker generates a message or datablock that causes the recipient to believe that the message or datablock was generated and cryptographically signed by an authoritative or reputable source, misleading a victim or victim operating system into performing malicious actions.
Preduvjeti The victim or victim system is dependent upon a cryptographic signature-based verification system for validation of one or more security events or actions.|The validation can be bypassed via an attacker-provided signature that makes it appear that the legitimate authoritative or reputable source provided the signature.
Rješenja no