Description
Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.
Published: 2026-04-21
Score: 9.1 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Immediate Patch
AI Analysis

Impact

An attacker who can supply a forged cryptographic signature can bypass the normal authentication checks in Microsoft ASP.NET Core, effectively boosting their privileges within the application. The flaw stems from a failure to properly verify the signature, meaning the system accepts untrusted data as a valid authorization token. This allows an unauthorized user to acquire higher level access than intended. Based on the description, it is inferred that an attacker could modify protected resources, change configuration, or move laterally within the environment.

Affected Systems

Microsoft ASP.NET Core version 10.0 on all platforms that support this runtime. Any deployment of the framework that relies on the default signature validation path is susceptible.

Risk and Exploitability

The vulnerability carries a CVSS score of 9.1, indicating high severity. The EPSS score is not available, and the issue is not listed in CISA KEV. Based on the description, the likely attack vector is over the network, where an attacker can inject a forged signature into an authentication flow. Exploitation requires the ability to send a signed request to an endpoint that performs the flawed verification. Once exploited, the attacker gains elevated privileges within the ASP.NET Core application and can act as an authenticated user with full rights.

Generated by OpenCVE AI on April 22, 2026 at 06:45 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the Microsoft security update that corrects the signature verification logic in ASP.NET Core.
  • Audit all custom authentication components to ensure they use the updated cryptographic APIs and do not accept externally supplied data for signature validation.
  • If a patch is not immediately available, limit exposure by restricting network access to trusted IP ranges and applying segmentation to isolate critical services.

Generated by OpenCVE AI on April 22, 2026 at 06:45 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 22 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
Description Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.
Title ASP.NET Core Elevation of Privilege Vulnerability
First Time appeared Microsoft
Microsoft asp.net Core
Weaknesses CWE-347
CPEs cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft asp.net Core
References
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Subscriptions

Microsoft Asp.net Core
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-04-22T03:56:11.609Z

Reserved: 2026-04-11T23:06:15.615Z

Link: CVE-2026-40372

cve-icon Vulnrichment

Updated: 2026-04-21T19:40:48.644Z

cve-icon NVD

Status : Received

Published: 2026-04-21T20:16:59.133

Modified: 2026-04-21T20:16:59.133

Link: CVE-2026-40372

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-22T06:45:10Z

Weaknesses