CAPEC-475 : Signature Spoofing by Improper Validation
An adversary exploits a cryptographic weakness in the signature verification algorithm implementation to generate a valid signature without knowing the key.https://capec.mitre.org/data/definitions/475.html
Related CWE definitions
The product does not validate, or incorrectly validates, a certificate.
The product uses a broken or risky cryptographic algorithm or protocol.
The product does not verify, or incorrectly verifies, the cryptographic signature for data.
Please note that CAPEC definitions are provided as a quick reference only. Visit http://capec.mitre.org/ for a complete list of CAPEC entries and more information.