‘The electronic IDentification, Authentication and trust Services‘
The vulnerabilities could be exploited by attackers to impersonate any EU citizen or business during official transactions.
“During a short crash test SEC Consult identified a critical vulnerability in the
The vulnerabilities fixed by the European authorities affect the
The vulnerabilities have been reported by security experts at SEC Consult, the first issue is described as Certificate Faking, the second one as Missing Certificate Validation.
The experts provided the following description of the sequence of authentication in their advisory: “If an Italian citizen wants to authenticate against a German online service, first the German
The researchers at SEC Consult
“Due to insufficient certificate verification the European Commission
The attacker has to initiate a malicious connection to an
The experts also included a
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.