mtrojnar Osslsigncode Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability exists in mtrojnar Osslsigncode versions through 2.10. The issue arises from the osslsigncode.c component, which fails to properly validate X.509 Key Usage extensions in code-signing certificates. This oversight allows certificates not intended for code signing to be accepted, potentially leading to unauthorized signing actions.

Impact

Exploitation of this vulnerability could allow an attacker to misuse certificates for signing purposes, including the distribution of malicious software, by taking advantage of validation weaknesses in the X.509 Key Usage enforcement.

Reproduction

The vulnerability can be reproduced by using a certificate that is not intended for code signing and that is missing, or has misconfigured, Key Usage constraints. Such a certificate can be obtained relatively easily and, once used to sign a file, will pass verification checks in Osslsigncode despite not meeting the requirements for code signing.

Remediation

Users can update to Osslsigncode version 0.9.2 or later, which includes the necessary validation checks for Key Usage extensions in accordance with industry standards.
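Added example, not taken from the advisory or from the osslsigncode project: a defender-side pre-check, written against the openssl CLI, that refuses to trust a signing certificate unless its X.509 Key Usage includes Digital Signature and its Extended Key Usage includes Code Signing. It generates three constructed self-signed certificates (a code-signing one, a TLS server one, and one with no EKU at all) to show the check accepting only the first; it assumes openssl 1.1.1 or later for the -addext option.

```shell
#!/bin/sh
# Added example, not osslsigncode code. Assumes openssl >= 1.1.1 (-addext).
set -eu

# Returns 0 only when the PEM certificate at $1 carries both constraints a
# code-signing certificate is expected to have; 1 otherwise (or if unreadable).
cert_allows_code_signing() {
    txt=$(openssl x509 -in "$1" -noout -text 2>/dev/null) || return 1
    # openssl prints the extension values on the line after each header.
    printf '%s\n' "$txt" | awk '/X509v3 Key Usage/ { getline; print }' \
        | grep -q 'Digital Signature' || return 1
    printf '%s\n' "$txt" | awk '/X509v3 Extended Key Usage/ { getline; print }' \
        | grep -q 'Code Signing' || return 1
    return 0
}

# Constructed test data: $1 = output PEM path, $2 = extendedKeyUsage value
# ("" = emit no EKU extension). Every cert gets keyUsage=digitalSignature,
# as TLS certificates commonly do, so Key Usage alone cannot tell them apart.
make_cert() {
    if [ -n "$2" ]; then
        set -- "$1" -addext "extendedKeyUsage=$2"
    else
        set -- "$1"
    fi
    out=$1; shift
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 1 -subj "/CN=demo" \
        -keyout "$out.key" -out "$out" \
        -addext "keyUsage=critical,digitalSignature" "$@" >/dev/null 2>&1
}

workdir=$(mktemp -d)
trap 'rm -rf "$workdir"' EXIT
CODE_SIGNING_CERT="$workdir/codesign.pem"
TLS_SERVER_CERT="$workdir/tls.pem"
NO_EKU_CERT="$workdir/noeku.pem"
make_cert "$CODE_SIGNING_CERT" codeSigning
make_cert "$TLS_SERVER_CERT" serverAuth
make_cert "$NO_EKU_CERT" ""

for c in "$CODE_SIGNING_CERT" "$TLS_SERVER_CERT" "$NO_EKU_CERT"; do
    if cert_allows_code_signing "$c"; then
        echo "ACCEPT $c"
    else
        echo "REJECT $c"
    fi
done
```

Running the check on a candidate certificate before handing it to any signing tool closes the gap described above independently of the signer's own validation.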

Added: Mar 25, 2026, 10:30 PM
Updated: Mar 25, 2026, 10:30 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 7.5
remediation: 0.0
relevance: 4.7
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.