An adversary exploits a cryptographic weakness in the signature verification algorithm implementation to generate a valid signature without knowing the key.

Related CWE definitions

The product does not validate, or incorrectly validates, a certificate.
The product uses a broken or risky cryptographic algorithm or protocol.
The product does not verify, or incorrectly verifies, the cryptographic signature for data.
Please note that CAPEC definitions are provided as a quick reference only. Visit for a complete list of CAPEC entries and more information.
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to terms of use!