Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.specterops.io/llms.txt

Use this file to discover all available pages before exploring further.

ESC12 is a vulnerability disclosed by Hans-Joachim Knobloch in this blogpost, which details a vulnerability in certificate authorities that stores their private key with the YubiHSM key storage provider. When this occurs, anyone with local unprivileged access to the CA server can extract the CA private key and forge arbitrary certificates to elevate their privileges.
While this is a cool attack, it is very niche, and as such is not supported by Certify.