Critical ASP.NET Core Vulnerability Patched by Microsoft

Posted on April 22, 2026 By CWS

Microsoft has swiftly released updates to fix a security flaw in ASP.NET Core that could allow an attacker to escalate privileges. The flaw, tracked as CVE-2026-40372, has a CVSS score of 9.1 and is rated critical.

Details of the CVE-2026-40372 Vulnerability

This vulnerability was brought to light by an anonymous researcher and involves improper cryptographic signature verification within ASP.NET Core. Microsoft has warned that this flaw could enable unauthorized individuals to gain SYSTEM-level access over a network.

Exploiting this vulnerability could allow attackers to access sensitive files and alter data. However, exploitation is contingent upon certain conditions: the application must utilize Microsoft.AspNetCore.DataProtection version 10.0.6 from NuGet, the library must be loaded at runtime, and the system must operate on Linux, macOS, or another non-Windows platform.

Microsoft’s Response and Patch Release

To mitigate this critical vulnerability, Microsoft has issued a fix in ASP.NET Core version 10.0.7. The issue stemmed from a regression in the Microsoft.AspNetCore.DataProtection NuGet packages (versions 10.0.0 to 10.0.6), where the managed authenticated encryptor mishandled HMAC validation tags.

This regression allowed attackers to forge payloads that pass authenticity checks and potentially to decrypt protected data such as authentication cookies and antiforgery tokens. Microsoft detailed these findings in its release notes.

Impact and Future Precautions

Should an attacker have exploited this vulnerability, they might have obtained legitimate authentication tokens, such as session refresh tokens or API keys, which would remain valid even after upgrading to the patched version unless the DataProtection key ring is rotated.

Organizations using ASP.NET Core are strongly advised to apply this update promptly to safeguard their systems. Continuous monitoring and timely updates are crucial to maintaining robust security defenses against such vulnerabilities.
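As a triage aid for the conditions listed above, the following added example (not Microsoft's tooling and not code from the original article) scans published `*.deps.json` dependency manifests for a NuGet-sourced Microsoft.AspNetCore.DataProtection in the 10.0.0 to 10.0.6 range and reports whether the host is non-Windows. The function names and the sample manifest are constructed for illustration, and treating prerelease builds as affected is an assumption.

```python
import json
import platform
import re
import sys
from pathlib import Path

PACKAGE = "microsoft.aspnetcore.dataprotection"  # only the package named in the article
AFFECTED = ((10, 0, 0), (10, 0, 6))              # range from the article; fixed in 10.0.7

# Constructed sample of a deps.json "libraries" section (not taken from a real app).
SAMPLE_DEPS = {"libraries": {
    "WebApp/1.0.0": {"type": "project"},
    "Microsoft.AspNetCore.DataProtection/10.0.6": {"type": "package"},
    "Microsoft.Extensions.Logging/10.0.7": {"type": "package"},
}}

def parse_version(text):
    """Return (major, minor, patch), ignoring any prerelease suffix (assumption)."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", text)
    return tuple(int(p) for p in m.groups()) if m else None

def affected_libraries(deps):
    """Return the 'Name/Version' keys of affected DataProtection entries."""
    hits = []
    for key in deps.get("libraries", {}):
        name, _, version = key.partition("/")
        v = parse_version(version)
        if name.lower() == PACKAGE and v and AFFECTED[0] <= v <= AFFECTED[1]:
            hits.append(key)
    return hits

def non_windows(system_name=None):
    """True when the host matches the article's platform condition."""
    return (system_name or platform.system()) != "Windows"

def scan_tree(root):
    """Map each *.deps.json under root to its affected entries; skip unreadable files."""
    report = {}
    for path in sorted(Path(root).rglob("*.deps.json")):
        try:
            hits = affected_libraries(json.loads(path.read_text(encoding="utf-8-sig")))
        except (OSError, ValueError, AttributeError):
            continue
        if hits:
            report[str(path)] = hits
    return report

if __name__ == "__main__":
    for path, hits in scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        print(f"{path}: {', '.join(hits)} (host non-Windows: {non_windows()})")
```

A hit means the deployment needs the 10.0.7 update and, per the article, a DataProtection key ring rotation if tokens may already have been issued to an attacker.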

This incident underscores the importance of proactive security measures and swift response to vulnerabilities in software applications.
