C Sharp Untrusted Root Certificate Addition
Description
Detects when applications add potentially untrusted certificates to the root certificate store in C# code. Adding untrusted certificates to the root store can allow attackers to bypass TLS/SSL certificate validation, enabling man-in-the-middle attacks and compromising secure communications.
Detection Strategy
• Checks if the System.Security.Cryptography.X509Certificates namespace is imported in the code
• Identifies calls to the Add() method on X509Store objects that add certificates to the certificate store
• Reports a vulnerability when certificates are added to the root certificate store, as this may indicate bypassing standard certificate validation
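The three steps above can be turned into a small source scanner. This is an added illustration in Python, not Fluid Attacks' own rule implementation: the regular expressions, the function name and the two C# samples are assumptions constructed here, and the scanner flags Add()/AddRange() calls on any X509Store variable created for the Root store (by StoreName.Root or the string "Root") while ignoring stores such as StoreName.My.

```python
import re

# Step 1 of the strategy: the namespace must be imported for the rule to apply.
USING_RE = re.compile(
    r'^\s*using\s+System\.Security\.Cryptography\.X509Certificates\s*;', re.MULTILINE)
# Step 2: X509Store instances created for the Root store, via the StoreName
# enum or the string-name constructor overload.
STORE_DECL_RE = re.compile(
    r'\b(?:var|X509Store)\s+(?P<name>\w+)\s*=\s*new\s+X509Store\s*\((?P<args>[^)]*)\)')
ROOT_ARG_RE = re.compile(r'StoreName\.Root\b|"Root"')


def find_root_store_additions(source: str) -> list:
    """Return one finding per Add()/AddRange() call on a store opened as Root."""
    if not USING_RE.search(source):
        return []
    root_stores = {m.group('name') for m in STORE_DECL_RE.finditer(source)
                   if ROOT_ARG_RE.search(m.group('args'))}
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for name in sorted(root_stores):
            # Step 3: any Add or AddRange on a Root-store variable is reported.
            if re.search(rf'\b{re.escape(name)}\s*\.\s*Add(?:Range)?\s*\(', line):
                findings.append({'line': lineno, 'store': name, 'code': line.strip()})
    return findings


# Constructed C# samples for offline testing (hypothetical, not code from the page).
VULNERABLE_SAMPLE = """using System.Security.Cryptography.X509Certificates;
public class CertificateManager {
    public void InstallCertificate(X509Certificate2 cert) {
        var store = new X509Store(StoreName.Root, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadWrite);
        store.Add(cert);
        store.Close();
    }
}
"""
SAFE_SAMPLE = VULNERABLE_SAMPLE.replace(
    'StoreName.Root, StoreLocation.LocalMachine', 'StoreName.My, StoreLocation.CurrentUser')

if __name__ == '__main__':
    for label, sample in (('vulnerable', VULNERABLE_SAMPLE), ('safe', SAFE_SAMPLE)):
        print(label, find_root_store_additions(sample))
```

The scanner is line-based and heuristic, so a store passed in from another method or aliased through a field is not tracked; a real analyzer resolves the variable's type and origin instead of matching text.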
Vulnerable code example
    using System.Security.Cryptography.X509Certificates;

    public class CertificateManager {
        public void InstallCertificate() {
            // Unsafe: adding a certificate to the Root store without any validation
            var store = new X509Store(StoreName.Root);
            store.Open(OpenFlags.ReadWrite);
            store.Add(new X509Certificate2());
            store.Close();
        }
    }

✅ Secure code example
    using System;
    using System.Security.Cryptography.X509Certificates;
    public class CertificateManager {
        public void InstallCertificate(X509Certificate2 certificate) {
            if (certificate == null) {
                throw new ArgumentNullException(nameof(certificate));
            }
            // Completed here: reject certificates that fail chain validation and install into the user's personal store, never Root
            if (!certificate.Verify()) throw new ArgumentException("Certificate failed chain validation", nameof(certificate));
            using var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
            store.Open(OpenFlags.ReadWrite);
            store.Add(certificate);
        }
    }