Pasquale "sid" Fiorillo discovered a critical vulnerability in GoSign Desktop <= 2.4.0 that allows an attacker to execute arbitrary code on the system through insecure updates and a TLS bypass. The exploit leverages the deactivation of TLS certificate verification when a proxy is configured, together with an update mechanism based on unsigned manifests.
The vendor, Tinexta InfoCert, initially cooperative, ceased all communication after receiving the technical details, ignoring follow-up requests and releasing version 2.4.1 without any public notice or acknowledgment of the researchers. Due to this opaque behavior, which does not align with responsible disclosure best practices, a forced disclosure was carried out.
Multiple Vulnerabilities in GoSign Desktop lead to Remote Code Execution

 Name              TLS Verification Bypass and Insecure Update in GoSign Desktop
 Systems Affected  GoSign Desktop <= 2.4.0
 Severity          High 8.2/10
 Impact            CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
 Vendor            https://www.infocert.it/
 Advisory          https://www.ush.it/team/ush/hack-gosign-desktop_240/gosign-desktop-exec.txt
 Authors           Pasquale "sid" Fiorillo (sid AT ush DOT it)
                   Francesco "ascii" Ongaro (ascii AT ush DOT it)
                   Marco Lunardi
 Date              20251003
I. BACKGROUND
GoSign is an advanced and qualified electronic signature solution
developed by Tinexta InfoCert S.p.A., used by public administrations,
businesses, and professionals to manage approval workflows with
traceability and security.
The SaaS/web version of the product has received the "QC2" qualification
from the Italian National Cybersecurity Agency (ACN).
The QC2 qualification certifies a service's ability to securely handle
critical data, including data processed by public administrations. Under
ACN's regulation effective from August 1, 2024, cloud service providers
for public entities must meet strict security and resilience
requirements. This qualification enables public administrations to adopt
certified solutions for safeguarding sensitive data and ensuring
continuity of essential services.
GoSign Desktop, subject of this advisory, is the on-premise version
released for Microsoft Windows, Linux Ubuntu, and Apple macOS.
II. DESCRIPTION
We have identified a critical vulnerability in the GoSign Desktop
software, developed by Tinexta InfoCert. The platform is widely used
for signing, verifying, and managing electronic documents. In 2021
alone, it was used by 1.6 million people to perform over 830 million
signing transactions, confirming its central role in the Italian and
European digital ecosystem.
GoSign Desktop disables TLS certificate validation (`SSL_VERIFY_NONE`)
in the `libdgsapi.so` and `libcurl.so` modules when configured to use a
proxy server, removing any assurance regarding server identity during
encrypted communications. This compromises the security of TLS
connections and opens the door to Man-in-the-Middle (MitM) attacks.
Additionally, the update mechanism relies on an unsigned manifest,
meaning security depends entirely on the TLS layer.
We verified three attack scenarios that severely impact the security of
GoSign Desktop users:
- Malicious software installation (Critical): A network attacker can
  deceive the client into installing fake updates, taking control of the
  machine with the privileges of the user running GoSign Desktop
  (Windows, macOS) or with administrative privileges (Linux).
- Credential theft (High): Access information (tokens, temporary
  passwords) can be intercepted because the application does not verify
  the server's identity.
- Privilege escalation (High): A local attacker with the same privileges
  as the GoSign Desktop user can enable proxy settings and inject a
  malicious update to gain full control of the system (Linux).
III. ANALYSIS
1) TLS verification bypass
The `GoSignDesktop` process, through `libdgsapi.so` and `libcurl.so`,
disables TLS certificate verification by invoking
`SSL_CTX_set_verify(mode=SSL_VERIFY_NONE)` when configured to use a
proxy server.
This setting completely disables certificate validation during the TLS
handshake, effectively nullifying the authenticity and confidentiality
guarantees of the TLS channel. As a result, a remote attacker can
perform Man-in-the-Middle (MitM) attacks to intercept and manipulate
traffic. Neither the authenticity of the InfoCert server nor the proxy
server is verified.
The vulnerability was confirmed in methods related to update checks
(`UpdateManager::get_manifest`, `UpdateManager::check_and_download`) and
OAuth renewal and authentication operations (`ISACBinder::refresh` and
`UpdateManager::getIdentity`).
However, it is plausible that any request originating from `libdgsapi.so`
is affected by the same certificate validation issue.
Tested and vulnerable versions due to lack of TLS certificate validation:
- GoSign Desktop 2.4.0 (standard) Windows
- GoSign Desktop 2.4.0 (standard) Linux
The vendor confirms that the macOS version is also affected:
- GoSign Desktop 2.4.0 (standard) macOS
1.1) Insecure Update
The GoSign Desktop update mechanism relies on an unsigned manifest
containing the package URL and its SHA-256 hash. A MitM attacker can
provide a malicious manifest with a matching hash, tricking the client
into downloading and installing a tampered package, resulting in remote
code execution.
Effectively, the update manifest's authentication is entirely delegated
to the TLS layer, which is not validated, thus rendering all
authenticity guarantees ineffective.
This architecture is conceptually flawed: since the manifest is not
digitally signed, it protects at most against accidental integrity
issues (e.g., corrupted files) but offers no defense against active
attacks. Without valid TLS and manifest signing, an attacker can
replace both the package and its hash, fully bypassing the security
mechanism.
Instead of adopting established solutions for secure software
distribution, a custom mechanism was implemented that reintroduces
well-known, extensively documented risks. This design choice was
avoidable given the availability of reliable, industry-standard
approaches that would have ensured update integrity and authenticity.
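The gap between the hash-only manifest described above and a signed one, as an added Go example that is not GoSign's code nor the advisory authors': the manifest field names, the choice of Ed25519, the generated key and the `example.invalid` URL are all assumptions made for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Manifest uses hypothetical field names; the advisory only states that the
// real manifest carries a package URL and its SHA-256 hash.
type Manifest struct {
	Version string `json:"version"`
	URL     string `json:"url"`
	SHA256  string `json:"sha256"`
}

var (
	ErrSignature = errors.New("manifest signature invalid")
	ErrDigest    = errors.New("package digest mismatch")
)

// checkDigest compares the package against the digest named in the manifest.
func checkDigest(manifestJSON, pkg []byte) error {
	var m Manifest
	if err := json.Unmarshal(manifestJSON, &m); err != nil {
		return err
	}
	want, err := hex.DecodeString(m.SHA256)
	if err != nil {
		return err
	}
	got := sha256.Sum256(pkg)
	if !bytes.Equal(want, got[:]) {
		return ErrDigest
	}
	return nil
}

// VerifyHashOnly models the design from section 1.1: the digest arrives in the
// same unauthenticated manifest as the URL, so it only detects corruption.
func VerifyHashOnly(manifestJSON, pkg []byte) error {
	return checkDigest(manifestJSON, pkg)
}

// VerifySigned checks a detached signature over the exact manifest bytes
// against a key pinned in the client before any field is parsed or trusted.
func VerifySigned(pinned ed25519.PublicKey, manifestJSON, sig, pkg []byte) error {
	if len(pinned) != ed25519.PublicKeySize || !ed25519.Verify(pinned, manifestJSON, sig) {
		return ErrSignature
	}
	return checkDigest(manifestJSON, pkg)
}

// buildManifest serialises a manifest whose digest matches pkg.
func buildManifest(version, url string, pkg []byte) []byte {
	sum := sha256.Sum256(pkg)
	b, _ := json.Marshal(Manifest{Version: version, URL: url, SHA256: hex.EncodeToString(sum[:])})
	return b
}

// Scenario runs both checks over constructed data and reports whether
// (1) the hash-only check accepts a substituted manifest/package pair,
// (2) the signed check accepts that same pair, and
// (3) the signed check accepts the genuine pair.
func Scenario() (hashOnlySwap, signedSwap, signedGenuine bool) {
	pub, priv, err := ed25519.GenerateKey(nil) // constructed publisher key
	if err != nil {
		panic(err)
	}
	const url = "https://updates.example.invalid/pkg" // placeholder URL
	genuinePkg := []byte("constructed genuine package bytes")
	genuine := buildManifest("1.0.0", url, genuinePkg)
	sig := ed25519.Sign(priv, genuine)

	// Whoever controls the channel can swap package and manifest together and
	// keep the digest consistent, but cannot sign under the pinned key.
	otherPkg := []byte("constructed substituted package bytes")
	swapped := buildManifest("1.0.1", url, otherPkg)

	hashOnlySwap = VerifyHashOnly(swapped, otherPkg) == nil
	signedSwap = VerifySigned(pub, swapped, sig, otherPkg) == nil
	signedGenuine = VerifySigned(pub, genuine, sig, genuinePkg) == nil
	return
}

func main() {
	a, b, c := Scenario()
	fmt.Printf("hash-only accepts substituted pair: %v\n", a)
	fmt.Printf("signed check accepts substituted pair: %v\n", b)
	fmt.Printf("signed check accepts genuine pair: %v\n", c)
}
```

The signed check holds even when the TLS layer is not validated, which is why the two defects are independent and both need fixing.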
1.2) Verified Security Impacts
We have confirmed three concrete attack scenarios that severely
compromise the security of GoSign Desktop:
- OAuth Secrets Information Disclosure
- Remote Code Execution
- Privilege Escalation
It is likely that additional attack vectors exist but have not yet been
identified. Given the severity of the confirmed impacts, we immediately
alerted the relevant authorities (ACN/CSIRT Italia) to ensure
responsible and timely incident handling.
1.3) CVSS 3.1
CVSS Base Score: 8.2
CVSS Vector: AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
1.4) CWE Mappings
CWE-295: Improper Certificate Validation - use of SSL_VERIFY_NONE /
disabled TLS verification
CWE-347: Improper Verification of Cryptographic Signature - absence of
signature validation on manifests/metadata
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor -
OAuth secrets exposed over an unverified channel
2) Attack scenarios
2.1) MitM
In a typical Man-in-the-Middle (MitM) attack scenario, an attacker
positioned to intercept network traffic can respond to TLS requests
initiated by GoSign Desktop by presenting a self-signed certificate.
Since GoSign Desktop disables certificate validation when configured to
use a proxy, the client establishes the connection without verifying
the server's identity.
The attacker can thus intercept and read sensitive requests and
responses; specifically, OAuth calls may disclose secrets such as
client_secret, JWT tokens, or refresh tokens.
Simultaneously, the attacker can respond to update requests by
providing a tampered manifest that points to a compromised package and
includes the SHA-256 hash of the malicious payload. Because the client
has neither TLS verification enabled nor a digital signature on the
manifest, it downloads the update and executes the attacker's code with
administrative (root) privileges if running on Linux, or with the
privileges of the user running GoSign on Windows or macOS.
2.2) Privilege Escalation
A second exploitation vector involves the preliminary compromise of the
unprivileged user account running GoSign Desktop.
A local attacker can independently modify the HTTP-PROXY settings in
the configuration file ~/.gosign/dike.conf, causing the client to
download a malicious update and thereby escalate privileges to root.
Proof of Concept Video:
https://www.ush.it/team/ush/hack-gosign-desktop_240/gosigndesktop_mitm_poc.mp4
Proof of Concept Exploit:
https://www.ush.it/team/ush/hack-gosign-desktop_240/
IV. WORKAROUND
Fix in GoSign Desktop 2.4.1
In version 2.4.1 of GoSign Desktop, released on 2025-11-04, a fix was
introduced to verify the digital signature of the update manifest.
However, the lack of TLS certificate validation when the application is
configured to use a proxy remains unaddressed.
- Information Disclosure of OAuth secrets – NOT FIXED
- Remote Code Execution – FIXED
- Privilege Escalation – FIXED
VI. VENDOR RESPONSE
Handling of Responsible Disclosure by Vendor Tinexta InfoCert
Following the initial contact, the vendor was provided with all
technical details of the vulnerability, the Proof of Concept (PoC), and
mitigation suggestions, both via encrypted email and during a Teams call
requested by the vendor and held on 2025-10-16 at 15:00. Present at the
call were the InfoCert security officer and the product manager for
GoSign Desktop. During the call, the vendor confirmed the vulnerability
and agreed that October 31, 2025, was a reasonable deadline for
releasing a fix.
After this call, the vendor ceased all communication, failed to provide
any further updates, and did not respond to subsequent contact
attempts.
On 2025-11-04, the fix was released publicly without any announcement
from the vendor and without honoring the request to include a changelog
acknowledgment.
ACN/CSIRT Italia was notified about the vendor's improper handling of
responsible disclosure best practices.
VII. CVE INFORMATION
Mitre is unresponsive.
VIII. DISCLOSURE TIMELINE
2025-10-03: Vulnerability discovered
2025-10-04: Proof of Concept developed
2025-10-04: Initial contact attempt to InfoCert S.p.A.
2025-10-04: Concurrent notification sent to ACN/CSIRT Italia
2025-10-04: Response from ACN/CSIRT Italia acknowledging receipt and
awaiting further developments
2025-10-07: Response from InfoCert Cyber Security Operation
2025-10-07: Technical details and evidence shared with the vendor
2025-10-09: InfoCert acknowledges the report and states the issue is
under investigation
2025-10-16: Technical call with InfoCert; vulnerability confirmed; over
1 million users affected. Full technical details and
remediation suggestions shared during the call
2025-10-26: Follow-up request for update sent to vendor; no response
received
2025-11-04: Version 2.4.1 released; no communication or changelog from
the vendor
2025-11-08: Further request for explanation and update sent to the
vendor; no response
2025-11-14: Report submitted to ACN/CSIRT Italia regarding vendor's
mishandling of disclosure process
2025-11-14: Advisory published
IX. TECHNICAL DETAILS
Collected evidence indicates that the disabling of TLS certificate
verification is not an isolated anomaly: the `SSL_VERIFY_NONE` behavior
is systematically applied during the initialization of TLS connections
by GoSign Desktop when the proxy setting is enabled.
To demonstrate this, a dynamic runtime instrumentation approach was
used, intercepting OpenSSL APIs responsible for certificate
verification configuration. The findings confirm that the application's
default behavior sets the `SSL_VERIFY_NONE` flag and that certificate
checks are explicitly disabled. In its current configuration, GoSign
effectively functions as a backdoor installed on a vast number of
systems used by major public administrations, ministries, and Italian
enterprises.
To observe this behavior at runtime, a hook library (LD_PRELOAD) was
developed to intercept calls to `SSL_CTX_set_verify()` and
`SSL_set_verify()` functions exported by the cryptographic libraries.
--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--
/* gcc -shared -fPIC -o log_ssl_verify.so log_ssl_verify.c -ldl -rdynamic */
#define _GNU_SOURCE
#include <stdio.h>
#include <dlfcn.h>
#include <stdlib.h>
#include <unistd.h>   /* getpid() */
#include <execinfo.h>
#include <stdint.h>

/* Opaque pointers stand in for SSL_CTX*, SSL* and the verify callback so
   the hook builds without the OpenSSL headers. Both OpenSSL functions take
   (object, mode, callback); the callback must be forwarded unchanged. */
typedef void (*ssl_ctx_set_verify_t)(void*, int, void*);
typedef void (*ssl_set_verify_t)(void*, int, void*);

static ssl_ctx_set_verify_t real_SSL_CTX_set_verify = NULL;
static ssl_set_verify_t real_SSL_set_verify = NULL;

/* Write the current call stack, one frame per line, to the log file. */
static void dump_backtrace(FILE *f) {
    void *buffer[50];
    int nptrs = backtrace(buffer, 50);
    char **strings = backtrace_symbols(buffer, nptrs);
    if (strings != NULL) {
        for (int i = 0; i < nptrs; ++i) {
            fprintf(f, " %s\n", strings[i]);
        }
        free(strings);
    } else {
        fprintf(f, " <no backtrace available>\n");
    }
}

/* Log the requested verify mode, then hand over to the real function. */
void SSL_CTX_set_verify(void *ctx, int mode, void *cb) {
    if (!real_SSL_CTX_set_verify) {
        real_SSL_CTX_set_verify = (ssl_ctx_set_verify_t)dlsym(RTLD_NEXT, "SSL_CTX_set_verify");
    }
    FILE *f = fopen("/tmp/gosign_ssl_verify.log", "a");
    if (f) {
        fprintf(f, "PID %d: SSL_CTX_set_verify called with mode=%d\n", getpid(), mode);
        dump_backtrace(f);
        fclose(f);
    }
    if (real_SSL_CTX_set_verify) real_SSL_CTX_set_verify(ctx, mode, cb);
}

/* Same for the per-connection variant. */
void SSL_set_verify(void *ssl, int mode, void *cb) {
    if (!real_SSL_set_verify) {
        real_SSL_set_verify = (ssl_set_verify_t)dlsym(RTLD_NEXT, "SSL_set_verify");
    }
    FILE *f = fopen("/tmp/gosign_ssl_verify.log", "a");
    if (f) {
        fprintf(f, "PID %d: SSL_set_verify called with mode=%d\n", getpid(), mode);
        dump_backtrace(f);
        fclose(f);
    }
    if (real_SSL_set_verify) real_SSL_set_verify(ssl, mode, cb);
}
--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--
Process launch and log capture in `gosign_ssl_verify.log`:
--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--
export LD_PRELOAD=./log_ssl_verify.so
/usr/lib/gosigndesktop/GoSignDesktop & disown
--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--
Startup log:
--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--
$ export LD_PRELOAD=./log_ssl_verify.so
$ /usr/lib/gosigndesktop/GoSignDesktop & disown
[1] 282062
$ Profile verified!
Using @ffi-napi
2025-10-03 21:21:22.977 [info] info LoggerElectron initialized
2025-10-03 21:21:22.978 [info] Current log level: { verbose: false, defaultLogLevel: 'info' }
2025-10-03 21:21:23.191 [info] (main) homeDir is '/home/sid/.gosign'
Creating certificate store: {"filename":"/home/sid/.gosign/certificates.db","autoload":true}
Creating option store: {"filename":"/home/sid/.gosign/options.db","autoload":true}
~ Analytics ~ currentCustomization standard
Native module: @ice/dike-core-linux x64
2025-10-03 21:21:23.200 [info] (DikeClients) Loading profile from: /usr/lib/gosigndesktop/resources/app/current-customization/profile.jwt
2025-10-03 21:21:23.200 [info] (DikeClients) Homepath for core library is '/home/sid/.gosign'
HOME_PATH: /home/sid/.gosign
2025-10-03 21:21:23.201 [warn] (DikeClients) LIBRARY PATH __dirname IS STILL BROKEN, PLEASE CHECK ISSUE ON GITHUB!!!
https://github.com/electron/electron/issues/8206
2025-10-03 21:21:23.201 [info] (DikeClients) ======================= PRODUCTION ENV =======================
Native module: @ice/dike-core-linux x64
Profile verified!
2025:10:03 21:21:23 (0xfd27cd80)[INFO][dgs] (prepare_tempdir): Removing session dir /home/sid/.gosign/sessiondir_7cb271e1
Scheduler -> getMessages
Registering channel get-version
Registering channel jobs-channel
Registering channel add-jobs-channel
Registering channel test-pin
Registering channel set-configuration
Registering channel get-session-params
Registering channel device-list
Registering channel change-pin
Registering channel unlock-pin
Registering channel unlock-ce-pin
[..]
--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--
Contents of `gosign_ssl_verify.log` showing evidence of
`SSL_CTX_set_verify(mode=0)` and the corresponding backtrace:
--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--
PID 282062: SSL_CTX_set_verify called with mode=0
./log_ssl_verify.so(+0x1272) [0x796e00465272]
./log_ssl_verify.so(SSL_CTX_set_verify+0x9b) [0x796e004653e2]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x734f4) [0x796dfcabb4f4]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x7419f) [0x796dfcabc19f]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x74b09) [0x796dfcabcb09]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x1a8ef) [0x796dfca628ef]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x14ca5) [0x796dfca5cca5]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x189bf) [0x796dfca609bf]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x483e9) [0x796dfca903e9]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(curl_multi_perform+0xea) [0x796dfca9195a]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(curl_easy_perform+0x14b) [0x796dfca6c7eb]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(_ZN3dgs14NetworkRequest7executeEv+0x54e) [0x796df3d8dc9e]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(_ZN3dgs10ISACBinder7refreshERNS_12IdentityDataE+0x450) [0x796df3d733e0]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(_ZN3dgs10ISACBinder11getIdentityERNS_12IdentityDataEb+0x55d) [0x796df3d7ab5d]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(dgs_oauth_get_identity+0x1b7) [0x796df3c2efc7]
/lib/x86_64-linux-gnu/libffi.so.8(+0x7b16) [0x796dfe7efb16]
/lib/x86_64-linux-gnu/libffi.so.8(+0x43ef) [0x796dfe7ec3ef]
/lib/x86_64-linux-gnu/libffi.so.8(ffi_call+0x12e) [0x796dfe7ef0be]
/usr/lib/gosigndesktop/resources/app/node_modules/ffi-napi/build/Release/ffi_bindings.node(_ZN3FFI3FFI12AsyncFFICallEP9uv_work_s+0x23) [0x796dfcaef533]
/usr/lib/gosigndesktop/GoSignDesktop(+0x18f14d4) [0x59e78df734d4]
PID 282062: SSL_CTX_set_verify called with mode=0
./log_ssl_verify.so(+0x1272) [0x796e00465272]
./log_ssl_verify.so(SSL_CTX_set_verify+0x9b) [0x796e004653e2]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x734f4) [0x796dfcabb4f4]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x7419f) [0x796dfcabc19f]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x74b09) [0x796dfcabcb09]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x1a8ef) [0x796dfca628ef]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x14ca5) [0x796dfca5cca5]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x189bf) [0x796dfca609bf]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x483e9) [0x796dfca903e9]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(curl_multi_perform+0xea) [0x796dfca9195a]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(curl_easy_perform+0x14b) [0x796dfca6c7eb]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(_ZN3dgs14NetworkRequest7executeEv+0x54e) [0x796df3d8dc9e]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(_ZN3dgs13UpdateManager12get_manifestERNS0_14UpdateManifestE+0x2bb) [0x796df3e2dc5b]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(_ZN3dgs13UpdateManager18check_and_downloadERNS_17UpdateManagerDataEb+0x178) [0x796df3e30bd8]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(_ZN5boost10statechart12simple_stateIN3dgs16WaitCheckRequestENS2_10UpdaterFSMENS_3mpl4listIN4mpl_2naES8_S8_S8_S8_S8_S8_S8_S8_S8_S8_S8_S8_S8_S8_S8_S8_S8_S8_S8_EELNS0_12history_modeE0EE10react_implERKNS0_10event_baseEPKv+0x1e5) [0x796df3d0cb25]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(_ZN3dgs10UpdaterFSM18process_event_jsonE14DGS_FLOW_EVENTRKN8nlohmann10basic_jsonISt3mapSt6vectorNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEblmdSaNS2_14adl_serializerES5_IhSaIhEEEE+0x43a) [0x796df3d0171a]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(_ZN3dgs7FlowFSM12processeventE14DGS_FLOW_EVENTRKN8nlohmann10basic_jsonISt3mapSt6vectorNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEblmdSaNS2_14adl_serializerES5_IhSaIhEEEE+0x53) [0x796df3cccb73]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(dgs_flow_post_event+0xc5) [0x796df3c30085]
/lib/x86_64-linux-gnu/libffi.so.8(+0x7b16) [0x796dfe7efb16]
/lib/x86_64-linux-gnu/libffi.so.8(+0x43ef) [0x796dfe7ec3ef]
/lib/x86_64-linux-gnu/libffi.so.8(ffi_call+0x12e) [0x796dfe7ef0be]
/usr/lib/gosigndesktop/resources/app/node_modules/ffi-napi/build/Release/ffi_bindings.node(_ZN3FFI3FFI12AsyncFFICallEP9uv_work_s+0x23) [0x796dfcaef533]
/usr/lib/gosigndesktop/GoSignDesktop(+0x18f14d4) [0x59e78df734d4]
PID 282062: SSL_CTX_set_verify called with mode=0
./log_ssl_verify.so(+0x1272) [0x796e00465272]
./log_ssl_verify.so(SSL_CTX_set_verify+0x9b) [0x796e004653e2]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x734f4) [0x796dfcabb4f4]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x7419f) [0x796dfcabc19f]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x74b09) [0x796dfcabcb09]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x1a8ef) [0x796dfca628ef]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x14ca5) [0x796dfca5cca5]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x189bf) [0x796dfca609bf]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x483e9) [0x796dfca903e9]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(curl_multi_perform+0xea) [0x796dfca9195a]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(curl_easy_perform+0x14b) [0x796dfca6c7eb]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcaCRLCache.so(+0x5873e) [0x796df2ae673e]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcaCRLCache.so(+0x59e85) [0x796df2ae7e85]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcaCRLCache.so(+0x2f884) [0x796df2abd884]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libdeSign.so(_Z9loadEUTSLv+0x26) [0x796df2098386]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(_ZN3dgs6Design13isTSLToUpdateE16DGS_COUNTRY_CODE+0x4a) [0x796df3c116fa]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(_ZN3dgs10TSLManager18check_TSLs_updatesEv+0xa7) [0x796df3e2bc07]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(_ZN3dgs4Core16tsl_checkupdatesERNS_7TSLDataE+0x2c) [0x796df3bb865c]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(dgs_tsl_checkupdates+0x87) [0x796df3c2f357]
/lib/x86_64-linux-gnu/libffi.so.8(+0x7b16) [0x796dfe7efb16]
/lib/x86_64-linux-gnu/libffi.so.8(+0x43ef) [0x796dfe7ec3ef]
/lib/x86_64-linux-gnu/libffi.so.8(ffi_call+0x12e) [0x796dfe7ef0be]
/usr/lib/gosigndesktop/resources/app/node_modules/ffi-napi/build/Release/ffi_bindings.node(_ZN3FFI3FFI12AsyncFFICallEP9uv_work_s+0x23) [0x796dfcaef533]
/usr/lib/gosigndesktop/GoSignDesktop(+0x18f14d4) [0x59e78df734d4]
PID 282062: SSL_CTX_set_verify called with mode=0
./log_ssl_verify.so(+0x1272) [0x796e00465272]
./log_ssl_verify.so(SSL_CTX_set_verify+0x9b) [0x796e004653e2]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x734f4) [0x796dfcabb4f4]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x7419f) [0x796dfcabc19f]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x74b09) [0x796dfcabcb09]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x1a8ef) [0x796dfca628ef]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x14ca5) [0x796dfca5cca5]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x189bf) [0x796dfca609bf]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x483e9) [0x796dfca903e9]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(curl_multi_perform+0xea) [0x796dfca9195a]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(curl_easy_perform+0x14b) [0x796dfca6c7eb]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcaCRLCache.so(+0x5873e) [0x796df2ae673e]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcaCRLCache.so(+0x59e85) [0x796df2ae7e85]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcaCRLCache.so(+0x31007) [0x796df2abf007]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libdeSign.so(_Z26checkCountryCACertsUpdatesPc+0x2d) [0x796df20987bd]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(_ZN3dgs6Design13isTSLToUpdateE16DGS_COUNTRY_CODE+0xd0) [0x796df3c11780]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(_ZN3dgs10TSLManager18check_TSLs_updatesEv+0xa7) [0x796df3e2bc07]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(_ZN3dgs4Core16tsl_checkupdatesERNS_7TSLDataE+0x2c) [0x796df3bb865c]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(dgs_tsl_checkupdates+0x87) [0x796df3c2f357]
/lib/x86_64-linux-gnu/libffi.so.8(+0x7b16) [0x796dfe7efb16]
/lib/x86_64-linux-gnu/libffi.so.8(+0x43ef) [0x796dfe7ec3ef]
/lib/x86_64-linux-gnu/libffi.so.8(ffi_call+0x12e) [0x796dfe7ef0be]
/usr/lib/gosigndesktop/resources/app/node_modules/ffi-napi/build/Release/ffi_bindings.node(_ZN3FFI3FFI12AsyncFFICallEP9uv_work_s+0x23) [0x796dfcaef533]
/usr/lib/gosigndesktop/GoSignDesktop(+0x18f14d4) [0x59e78df734d4]
PID 282062: SSL_CTX_set_verify called with mode=0
./log_ssl_verify.so(+0x1272) [0x796e00465272]
./log_ssl_verify.so(SSL_CTX_set_verify+0x9b) [0x796e004653e2]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x734f4) [0x796dfcabb4f4]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x7419f) [0x796dfcabc19f]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x74b09) [0x796dfcabcb09]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x1a8ef) [0x796dfca628ef]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x14ca5) [0x796dfca5cca5]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x189bf) [0x796dfca609bf]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(+0x483e9) [0x796dfca903e9]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(curl_multi_perform+0xea) [0x796dfca9195a]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/lib/libcurl.so.4(curl_easy_perform+0x14b) [0x796dfca6c7eb]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(_ZN3dgs14NetworkRequest7executeEv+0x54e) [0x796df3d8dc9e]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(_ZN3dgs14NetworkManager15checkConnectionEv+0xd2) [0x796df3d8ec92]
/usr/lib/gosigndesktop/resources/app/node_modules/@ice/dike-core-js/node_modules/@ice/dike-core-linux/native/libdgsapi.so(dgs_check_connection+0x2b) [0x796df3c27e2b]
/lib/x86_64-linux-gnu/libffi.so.8(+0x7b16) [0x796dfe7efb16]
/lib/x86_64-linux-gnu/libffi.so.8(+0x43ef) [0x796dfe7ec3ef]
/lib/x86_64-linux-gnu/libffi.so.8(ffi_call+0x12e) [0x796dfe7ef0be]
/usr/lib/gosigndesktop/resources/app/node_modules/ffi-napi/build/Release/ffi_bindings.node(_ZN3FFI3FFI12AsyncFFICallEP9uv_work_s+0x23) [0x796dfcaef533]
/usr/lib/gosigndesktop/GoSignDesktop(+0x18f14d4) [0x59e78df734d4]
--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--
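To triage a log like the one above, the following added example (not part of the original advisory) keeps the hooked calls whose mode lacks `SSL_VERIFY_PEER` and lists the named `libdgsapi.so` frames behind each one. The sample log is constructed, with shortened placeholder paths and addresses around symbol names taken from the log above, and the demangling covers plain nested C++ names only.

```go
package main

import (
	"fmt"
	"regexp"
	"strconv"
	"strings"
)

const sslVerifyPeer = 0x01 // OpenSSL SSL_VERIFY_PEER; SSL_VERIFY_NONE is 0x00

// Constructed sample in the hook's log format; paths and addresses are
// placeholders, the dgs symbols are the ones shown in the advisory's log.
const sampleLog = `PID 4242: SSL_CTX_set_verify called with mode=0
 ./log_ssl_verify.so(SSL_CTX_set_verify+0x9b) [0x7f0000001000]
 /opt/example/native/lib/libcurl.so.4(+0x734f4) [0x7f0000002000]
 /opt/example/native/lib/libcurl.so.4(curl_easy_perform+0x14b) [0x7f0000003000]
 /opt/example/native/libdgsapi.so(_ZN3dgs14NetworkRequest7executeEv+0x54e) [0x7f0000004000]
 /opt/example/native/libdgsapi.so(_ZN3dgs10ISACBinder7refreshERNS_12IdentityDataE+0x450) [0x7f0000005000]
 /opt/example/native/libdgsapi.so(dgs_oauth_get_identity+0x1b7) [0x7f0000006000]
PID 4242: SSL_CTX_set_verify called with mode=0
 /opt/example/native/lib/libcurl.so.4(curl_easy_perform+0x14b) [0x7f0000003000]
 /opt/example/native/libdgsapi.so(_ZN3dgs14NetworkRequest7executeEv+0x54e) [0x7f0000004000]
 /opt/example/native/libdgsapi.so(_ZN3dgs13UpdateManager12get_manifestERNS0_14UpdateManifestE+0x2bb) [0x7f0000007000]
 /opt/example/native/libdgsapi.so(dgs_flow_post_event+0xc5) [0x7f0000008000]
PID 4242: SSL_CTX_set_verify called with mode=1
 /opt/example/other/libexample.so(example_fetch+0x10) [0x7f0000009000]
`

var (
	headerRe = regexp.MustCompile(`^PID (\d+): (SSL_(?:CTX_)?set_verify) called with mode=(\d+)$`)
	frameRe  = regexp.MustCompile(`^(\S+)\(([^)+]*)\+0x[0-9a-f]+\) \[0x[0-9a-f]+\]$`)
)

// Record is one hooked call plus the named frames found in the chosen library.
type Record struct {
	PID   int
	API   string
	Mode  int
	Chain []string // innermost caller first
}

// Origin renders the call chain, read as "called by" from left to right.
func (r Record) Origin() string { return strings.Join(r.Chain, " <- ") }

// demangleNested decodes only _ZN<len><id>...E names; it stops at the first
// template, substitution or parameter marker and returns other input as is.
func demangleNested(sym string) string {
	if !strings.HasPrefix(sym, "_ZN") {
		return sym
	}
	rest, parts := sym[3:], []string{}
	for len(rest) > 0 && rest[0] >= '0' && rest[0] <= '9' {
		i := 0
		for i < len(rest) && rest[i] >= '0' && rest[i] <= '9' {
			i++
		}
		n, err := strconv.Atoi(rest[:i])
		if err != nil || i+n > len(rest) {
			break
		}
		parts = append(parts, rest[i:i+n])
		rest = rest[i+n:]
	}
	if len(parts) == 0 {
		return sym
	}
	return strings.Join(parts, "::")
}

// ParseLog splits the hook log into records and keeps, for each record, the
// frames that carry a symbol name and belong to the library named by lib.
func ParseLog(log, lib string) []Record {
	var recs []Record
	for _, line := range strings.Split(log, "\n") {
		line = strings.TrimSpace(line)
		if m := headerRe.FindStringSubmatch(line); m != nil {
			pid, _ := strconv.Atoi(m[1])
			mode, _ := strconv.Atoi(m[3])
			recs = append(recs, Record{PID: pid, API: m[2], Mode: mode})
			continue
		}
		m := frameRe.FindStringSubmatch(line)
		if m == nil || len(recs) == 0 || m[2] == "" || !strings.Contains(m[1], lib) {
			continue
		}
		cur := &recs[len(recs)-1]
		cur.Chain = append(cur.Chain, demangleNested(m[2]))
	}
	return recs
}

// NoPeerVerify returns the calls that leave peer certificate checks off.
func NoPeerVerify(recs []Record) []Record {
	var out []Record
	for _, r := range recs {
		if r.Mode&sslVerifyPeer == 0 {
			out = append(out, r)
		}
	}
	return out
}

func main() {
	for _, r := range NoPeerVerify(ParseLog(sampleLog, "libdgsapi.so")) {
		fmt.Printf("PID %d %s mode=%d via %s\n", r.PID, r.API, r.Mode, r.Origin())
	}
}
```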
Static analysis of the binary `/usr/lib/gosigndesktop/GoSignDesktop`
returned a series of strings suggesting the existence of flags and
parameters intended to disable TLS checks or log cryptographic
information.
These occurrences indicate that the code includes mechanisms (or
supports parameters) which, if enabled, can alter certificate
verification behavior or activate sensitive TLS key logging.
--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--
$ strings -n 1 /usr/lib/gosigndesktop/GoSignDesktop | grep -i -E 'ignore-certificate-errors|certificate-error|ignore-urlfetcher-cert-requests|ssl-key-log-file' > binary_relevant_strings.txt
$ cat binary_relevant_strings.txt
certificate-error
ssl-key-log-file argument missing
ignore-urlfetcher-cert-requests
ignore-certificate-errors-spki-list
ssl-key-log-file
ignore-certificate-errors
[..]
--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--
To verify whether these parameters were passed to the running process,
the command line of all GoSignDesktop processes was checked by reading
their respective `/proc/<pid>/cmdline`.
On the analyzed systems, the binary's execution shows that child
processes use various `--type` arguments (zygote, gpu-process,
renderer, etc.) and internal options typical of Chromium/Electron-based
runtimes, but no flags explicitly disabling TLS verification were
found.
--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--
$ for p in $( pgrep -f GoSignDesktop ); do echo "=== PID $p ===" >> proc_cmdlines.txt; cat /proc/$p/cmdline 2>/dev/null | tr '\0' ' ' >> proc_cmdlines.txt || echo "no /proc/$p/cmdline" >> proc_cmdlines.txt; echo >> proc_cmdlines.txt; done
$ cat proc_cmdlines.txt
=== PID 282062 ===
/usr/lib/gosigndesktop/GoSignDesktop
=== PID 282065 ===
/usr/lib/gosigndesktop/GoSignDesktop --type=zygote --no-zygote-sandbox
=== PID 282066 ===
/usr/lib/gosigndesktop/chrome-sandbox /usr/lib/gosigndesktop/GoSignDesktop --type=zygote
=== PID 282067 ===
/usr/lib/gosigndesktop/GoSignDesktop --type=zygote
=== PID 282069 ===
/usr/lib/gosigndesktop/GoSignDesktop --type=zygote
=== PID 282106 ===
/usr/lib/gosigndesktop/GoSignDesktop --type=gpu-process --field-trial-handle=13821780690570354888,7554827926380561664,131072 --enable-features=WebComponentsV0Enabled --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --gpu-preferences=OAAAAAAAAAAgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAA== --shared-files
=== PID 282114 ===
/usr/lib/gosigndesktop/GoSignDesktop --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=13821780690570354888,7554827926380561664,131072 --enable-features=WebComponentsV0Enabled --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=en-US --service-sandbox-type=network --standard-schemes=file --secure-schemes=file --bypasscsp-schemes --cors-schemes --fetch-schemes --service-worker-schemes --streaming-schemes --shared-files=v8_context_snapshot_data:100
=== PID 282279 ===
/usr/lib/gosigndesktop/GoSignDesktop --type=renderer --field-trial-handle=13821780690570354888,7554827926380561664,131072 --enable-features=WebComponentsV0Enabled --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=en-US --standard-schemes=file --secure-schemes=file --bypasscsp-schemes --cors-schemes --fetch-schemes --service-worker-schemes --streaming-schemes --app-path=/usr/lib/gosigndesktop/resources/app --node-integration-in-worker --no-sandbox --no-zygote --preload=/usr/lib/gosigndesktop/resources/app/preload.js --context-isolation --background-color=#fff --enable-spellcheck --enable-websql --disable-electron-site-instance-overrides --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --no-v8-untrusted-code-mitigations --shared-files=v8_context_snapshot_data:100
--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--
HTTP traffic demonstrating the lack of a digital signature on the update
manifest:
--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--
GET /gosign/download/update HTTP/1.1
Host: rinnovofirma.infocert.it
Cookie:
Accept: application/json
Cache-Control: no-cache
Connection: keep-alive

HTTP/1.1 200 OK
Date: Fri, 03 Oct 2025 21:44:39 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests; frame-ancestors none; object-src none
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 04 Sep 2025 10:16:23 GMT
ETag: "453-63df703669aaa"
Accept-Ranges: bytes
Content-Length: 1107
Vary: Accept-Encoding
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/json

{
  "control":{
    "probability": 100
  },
  "darwin": {
    "2.3.7": {
      "packages": {
        "dmg": {
          "any": {
            "url": "https://gosignupdates.infocert.it/gosign/standard/GoSignDesktop-standard-2.3.7-8aa7cbe.dmg",
            "sha256": "05ae06770253f2dadc9cce36b44d1198781eb874bb19fd10a10d8311749e4b84",
            "size": 163804666 ,
            "releaseDate": "2025-05-26"
          }
        }
      },
      "type": "MANDATORY"
    }
  },
  "linux": {
    "2.4.0": {
      "packages": {
        "deb": {
          "64": {
            "url": "https://gosignupdates.infocert.it/gosign/standard/gosigndesktop_2.4.0_amd64.deb",
            "sha256": "02b7bc38365f3e456c4f41ef7ccd4bfa2134e54868345aad323823aabe740576",
            "size": 102522536,
            "releaseDate": "2025-04-04"
          }
        }
      },
      "type": "MANDATORY"
    }
  }
}
--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--
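The manifest above carries a `sha256` per package, but the hash is only as trustworthy as the manifest itself. The following added example (not code from the advisory or from the vendor) sketches the client-side check that is missing: a detached signature verified against a pinned public key before the manifest is parsed, followed by URL and hash checks. The Ed25519 scheme, the function names, the key pair and the sample manifest are assumptions constructed for illustration; the allowlisted host is the one seen in the manifest above.

```javascript
const crypto = require('crypto');

// Constructed key pair; a real client would embed only the public key.
const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');

// Hosts accepted for package downloads (assumption, from the manifest above).
const ALLOWED_HOSTS = new Set(['gosignupdates.infocert.it']);

// Verify the detached signature over the raw bytes BEFORE parsing them.
function loadSignedManifest(rawBytes, signature, pinnedKey) {
  if (!crypto.verify(null, rawBytes, pinnedKey, signature)) {
    throw new Error('manifest signature invalid');
  }
  return JSON.parse(rawBytes.toString('utf8'));
}

// Select a package entry and refuse non-HTTPS or off-allowlist URLs.
function selectPackage(manifest, platform, version, kind, arch) {
  const pkg = manifest[platform]?.[version]?.packages?.[kind]?.[arch];
  if (!pkg) throw new Error('no matching package');
  const url = new URL(pkg.url);
  if (url.protocol !== 'https:' || !ALLOWED_HOSTS.has(url.hostname)) {
    throw new Error('package URL not allowed');
  }
  return pkg;
}

// Compare size and SHA-256 of the downloaded bytes with the signed values.
function packageMatches(pkg, fileBytes) {
  const digest = crypto.createHash('sha256').update(fileBytes).digest();
  const expected = Buffer.from(pkg.sha256, 'hex');
  return fileBytes.length === pkg.size &&
    expected.length === digest.length &&
    crypto.timingSafeEqual(digest, expected);
}

// Constructed sample data: a stand-in package and a manifest describing it.
const samplePackage = Buffer.from('constructed package bytes');
const sampleManifest = Buffer.from(JSON.stringify({
  linux: { '0.0.0-example': { packages: { deb: { '64': {
    url: 'https://gosignupdates.infocert.it/gosign/standard/example.deb',
    sha256: crypto.createHash('sha256').update(samplePackage).digest('hex'),
    size: samplePackage.length,
  } } }, type: 'MANDATORY' } },
}));
const sampleSignature = crypto.sign(null, sampleManifest, privateKey);
```

With this ordering, a manifest altered in transit fails signature verification before any URL or hash in it is used, independently of whether the TLS layer validated the server certificate.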
X. PoC
The provided Proof of Concept targets a GoSign Desktop installation on
Debian/Ubuntu Linux with amd64 architecture and simulates a local
privilege escalation to root by a local attacker.
After the exploit, you will need to reinstall GoSign Desktop by
downloading it again from the official website, as it is replaced by
the fake update package. The GoSign Desktop configuration is preserved.
https://www.ush.it/team/ush/hack-gosign-desktop_240/gosigndesktop_mitm_poc.mp4
1) Build
Compile the fake .deb update package and create the Python virtual
environment with the dependencies required for the exploit: `make`
2) Run
Configure the exploit to act as a proxy for GoSign Desktop in order to
simulate the attack: `make run`
3) PoC Evidence
After installing the fake .deb update package, you can verify the impact
by checking the file: `cat /tmp/gosigndesktop_mitm_poc.log`
4) Cleanup
You can remove the proxy configuration, the .deb file, and the virtual
environment: `make clean`
XI. REFERENCES
No references.
XII. CREDIT
Pasquale "Sid" Fiorillo is credited with the discovery of this
vulnerability with the contribution of Francesco "ascii" Ongaro and
Marco Lunardi.
Pasquale "sid" Fiorillo
web site: http://www.ush.it/
mail: sid AT ush DOT it
Francesco "ascii" Ongaro
web site: http://www.ush.it/
mail: ascii AT ush DOT it
XIII. LEGAL NOTICES
Copyright (c) 2025 Pasquale "Sid" Fiorillo
Permission is granted for the redistribution of this alert
electronically. It may not be edited in any way without my express
written consent. If you wish to reprint the whole or any
part of this alert in any other medium other than electronically,
please email me for permission.
Disclaimer: The information in the advisory is believed to be accurate
at the time of publishing based on currently available information. Use
of the information constitutes acceptance for use in an AS IS condition.
There are no warranties with regard to this information. Neither the
author nor the publisher accepts any liability for any direct, indirect,
or consequential loss or damage arising from use of, or reliance on,
this information.