Vulnerability Details : CVE-2020-11005
The WindowsHello open source library (NuGet HaemmerElectronics.SeppPenner.WindowsHello), before version 1.0.4, has a vulnerability where encrypted data could potentially be decrypted without needing authentication. If the library is used to encrypt text and write the output to a txt file, another executable could be able to decrypt the text using the static method NCryptDecrypt from this same library without the need to use Windows Hello Authentication again. This has been patched in version 1.0.4.
Products affected by CVE-2020-11005
- cpe:2.3:a:windowshello_project:windowshello:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-11005
0.02%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 3 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-11005
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST | |
|
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.8
|
3.6
|
NIST | |
|
5.1
|
MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.4
|
3.6
|
GitHub, Inc. |
CWE ids for CVE-2020-11005
-
The product requires authentication, but the product has an alternate path or channel that does not require authentication.Assigned by: security-advisories@github.com (Secondary)
-
The product uses a broken or risky cryptographic algorithm or protocol.Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-11005
-
https://github.com/SeppPenner/WindowsHello/security/advisories/GHSA-wvpv-ffcv-r6cw
Internal NCryptDecrypt method could be used by other libraries as well. · Advisory · SeppPenner/WindowsHello · GitHubThird Party Advisory
-
https://github.com/SeppPenner/WindowsHello/issues/3
[Question] Security of the Encrypted data · Issue #3 · SeppPenner/WindowsHello · GitHubIssue Tracking;Third Party Advisory
Jump to