Threat Advisory

epa4all-client Vulnerability Abuses ECDSA Signature Verification

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: High

EXECUTIVE SUMMARY:

CVE-2026-44900, with a CVSS score of 8.1, is a vulnerability in the epa4all-client product, specifically affecting versions that use the SignedPublicKeysTrustValidatorImpl.isTrusted() method to perform ECDSA signature verification. This method incorrectly discards the boolean return value of Signature.verify() at line 45, so any structurally valid signature is treated as trusted without actually being verified. As a result, an attacker with network access can exploit this vulnerability by submitting a malicious ECDSA signature, with no privileges or user interaction required. Successful exploitation allows an attacker to bypass VAU (Vendor-Agnostic Update) signature checks and thereby manipulate or forge trusted signatures. The business impact includes unauthorized updates or changes to sensitive data, leading to loss of data confidentiality and integrity as well as disruption of system availability. Prerequisites for exploitation are network access to the affected system and the ability to submit a malicious ECDSA signature.
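To make the flaw class concrete, the following Java program is an added illustration and is not code from epa4all-client; the method names isTrustedVulnerable and isTrustedFixed, the curve, the payload and the key pairs are all constructed here for demonstration. It places the flawed pattern (the boolean returned by Signature.verify() is dropped, so only a signature that fails to parse is rejected) beside the corrected pattern, and runs both against a genuine signature and against a structurally valid signature produced by an untrusted key.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.ECGenParameterSpec;

public class SignatureCheckDemo {

    // Hypothetical stand-in for the flawed pattern described in the advisory:
    // the result of verify() is discarded, so every signature that parses
    // correctly is reported as trusted, regardless of which key produced it.
    static boolean isTrustedVulnerable(PublicKey trustAnchor, byte[] data, byte[] sig) {
        try {
            Signature verifier = Signature.getInstance("SHA256withECDSA");
            verifier.initVerify(trustAnchor);
            verifier.update(data);
            verifier.verify(sig);   // boolean return value discarded
            return true;            // reached for every well-formed signature
        } catch (GeneralSecurityException e) {
            return false;           // only malformed or unparseable input ends here
        }
    }

    // Corrected pattern: the boolean from verify() is the only verdict.
    static boolean isTrustedFixed(PublicKey trustAnchor, byte[] data, byte[] sig) {
        try {
            Signature verifier = Signature.getInstance("SHA256withECDSA");
            verifier.initVerify(trustAnchor);
            verifier.update(data);
            return verifier.verify(sig);
        } catch (GeneralSecurityException e) {
            return false;
        }
    }

    // Produces a well-formed ECDSA signature over data with the given key pair.
    static byte[] sign(KeyPair kp, byte[] data) throws GeneralSecurityException {
        Signature signer = Signature.getInstance("SHA256withECDSA");
        signer.initSign(kp.getPrivate());
        signer.update(data);
        return signer.sign();
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("EC");
        gen.initialize(new ECGenParameterSpec("secp256r1"));
        KeyPair trusted = gen.generateKeyPair();    // constructed: the configured trust anchor
        KeyPair untrusted = gen.generateKeyPair();  // constructed: a key nobody trusts

        byte[] payload = "constructed sample payload".getBytes(StandardCharsets.UTF_8);
        byte[] goodSig = sign(trusted, payload);
        byte[] wrongKeySig = sign(untrusted, payload);  // structurally valid, wrong signer

        PublicKey anchor = trusted.getPublic();
        System.out.println("vulnerable, genuine signature : " + isTrustedVulnerable(anchor, payload, goodSig));
        System.out.println("vulnerable, untrusted signer  : " + isTrustedVulnerable(anchor, payload, wrongKeySig));
        System.out.println("fixed, genuine signature      : " + isTrustedFixed(anchor, payload, goodSig));
        System.out.println("fixed, untrusted signer       : " + isTrustedFixed(anchor, payload, wrongKeySig));
    }
}
```

Run with `javac SignatureCheckDemo.java && java SignatureCheckDemo`. The vulnerable variant prints true for both signatures, because a signature from the wrong key still parses and verify() reports the mismatch only through its return value, which the code ignores. The corrected variant prints true only for the genuine signature. When reviewing trust validators, a verify() call whose result is not used in a return or conditional is the pattern to flag.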

RECOMMENDATION:

  • We recommend updating epa4all-client to version 1.2.1.

REFERENCES:

The following reports contain further technical details:
https://github.com/advisories/GHSA-g8r3-5hwf-qp96
