|Number of vulnerabilities||1|
Microsoft .NET Framework
Server applications / Frameworks for developing and running applications
This security bulletin contains one low risk vulnerability.
Exploit availability: NoDescription
The vulnerability allows a remote attacker to bypass certain security restrictions on the target system.
The weakness exists due to improper validation of certificates by Microsoft .NET Framework (and .NET Core) components. A remote attacker can force the usage of invalid certificates for certain use by affected component, disregard the Enhanced Key Usage taggings and bypass security restrictions.
Successful exploitation of the vulnerability results in security bypass.
Install update from vendor's website.
Microsoft .NET Framework: 2.0 - 4.7
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?