CVE-2020-0601 and lsass.exe in EDR

Hello all,

​

in an EDR I noticed a few days ago an alert that marked the process lsass.exe as suspicious and gave the above CVE number as the reason.

​

CVE-2020-0601:

My understanding is that this vulnerability is aimed at generating custom certificates by exploiting a flaw in the Eliptic Curve. This malicious certificate can then be used, for example, to set up a fake domain or to sign own files. ([https://www.youtube.com/watch?v=8RI60aRyhoE](https://www.youtube.com/watch?v=8RI60aRyhoE))

​

To the EDR alert:

The process …

cve cybersecurity edr lsass