Summary: A vulnerability in SSL.com’s domain control validation process has led to the improper issuance of digital certificates for multiple legitimate domains, including aliyun.com. This flaw allowed a researcher to exploit the DCV method by manipulating DNS records, resulting in the issuance of fraudulent certificates. SSL.com has since revoked the affected certificates and disabled the insecure validation method while conducting a thorough investigation.
Affected: SSL.com, Alibaba Cloud (aliyun.com), and other legitimate domains
Keypoints :
- A researcher exploited a DCV vulnerability to obtain a fraudulent certificate for aliyun.com.
- Incorrect validation method allowed SSL.com to mistakenly verify the researcher’s email address as a legitimate domain owner.
- SSL.com has revoked a total of eleven mis-issued certificates and disabled the flawed validation method pending investigation.
- Additional affected domains include *.medinet.ca, help.gurusoft.com.sg, and others.
- The issue did not impact systems and APIs used by Entrust.
Source: https://www.securityweek.com/ssl-com-scrambles-to-patch-certificate-issuance-vulnerability/