Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
FortiBleed Vulnerability Exploited by INC and Lynx Ransomware to Steal Passwords
July 2, 2026
WhatsApp Username Reservations Raise Security Concerns for 2 Billion Users
July 2, 2026
Alleged Scattered Spider Member Extradited to US for 100+ Network Hacks
July 2, 2026
Home/CyberSecurity News/TrustAsia Revoked 143 Certificates Following LiteSSL ACME Service Vulnerability
CyberSecurity News

TrustAsia Revoked 143 Certificates Following LiteSSL ACME Service Vulnerability

TrustAsia has revoked 143 SSL/TLS certificates after discovering a vulnerability within its LiteSSL ACME service. This flaw enabled the improper reuse of domain validation data across different ACME...

Sarah simpson
Sarah simpson
January 23, 2026 2 Min Read
36 0

TrustAsia has revoked 143 SSL/TLS certificates after discovering a vulnerability within its LiteSSL ACME service. This flaw enabled the improper reuse of domain validation data across different ACME accounts. The discovery prompted an immediate suspension of issuance services and a subsequent mass revocation of the affected certificates.

The incident, tracked under Mozilla Bugzilla ticket #2011713, was triggered by a community report received on January 21, 2026. The vulnerability specifically impacted certificates issued via the ACME protocol after December 29, 2025.

Technical Root Cause and Impact

The core issue stemmed from a logic error in the LiteSSL ACME service handling of Authorization objects. Investigations revealed that “Authorization data was reused across different ACME accounts,” effectively bypassing the requirement for unique validation per account context.

While community speculation initially suggested the issue might be related to External Account Binding (EAB) assignments in the database, TrustAsia clarified that their architecture maintains a strict one-to-one mapping between ACME Accounts and EABs.

Incident Scope:

  • Total Certificates Impacted: 143
  • Affected Protocol: ACME (Automated Certificate Management Environment)
  • Vulnerable Period: Issuance dates post-2025-12-29
  • Status: All affected certificates have been revoked; the service is patched and online.

The following timeline outlines the response actions taken by TrustAsia on January 21, 2026 (Times in UTC+8).

Time Event Description
14:55 Compliance team received a report (via V2EX) regarding domain validation reuse.
15:10 Preliminary confirmation of the issue; ACME issuance service suspended.
15:30 Impact scope confirmed; investigation into specific certificates began.
15:33 Revocation initiated for the two specific certificates mentioned in the initial report.
21:00 Code fix completed and validated in the test environment.
21:21 Identification of all 143 affected certificates completed; batch revocation initiated.
21:30 Revocation completed for the 140 remaining valid certificates (3 were previously revoked).
21:41 Patched code deployed to the production environment.
22:35 Reset of all ACME Authorizations from VALID to REVOKED, forcing client re-validation.
23:00 External ACME issuance service fully restored.

This incident violates the CA/Browser Forum Baseline Requirements (TLS BR Version 2.2.2), specifically Section 3.2.2.4, which mandates that the Certificate Authority must validate each Fully-Qualified Domain Name (FQDN) prior to issuance.

TrustAsia has stated that a Full Incident Report will be released to the Mozilla Bugzilla thread, which will include a more detailed root cause analysis and the definitive start date of the non-compliance.

All ACME Authorizations in the production environment were reset to REVOKED status to prevent any lingering invalid authorizations from being used for new issuance.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

PatchVulnerability

Share Article

Sarah simpson

Sarah simpson

Sarah is a cybersecurity journalist specializing in threat intelligence and malware analysis. With over 8 years of experience covering APT groups, zero-day exploits, and advanced persistent threats, Sarah brings deep technical expertise to breaking cybersecurity news. Previously, she worked as a security researcher at leading threat intelligence firms, where she analyzed malware samples and tracked cybercriminal operations. Sarah holds a Master's degree in Computer Science with a focus on cybersecurity and is a regular contributor to major security conferences.

Previous Post

North Korean Hackers Adopted AI to Generate Malware Attacking Developers and Engineering Teams

Next Post

HPE Alletra and Nimble Storage Vulnerability Grants Admin Access to Remote Attacker

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
Critical Cursor IDE RCE Vulnerabilities Allow Zero-Click Prompt Injection
July 1, 2026
Automated Password Spray Attacks Target Microsoft Azure CLI
July 1, 2026
Reduce Alert Fatigue to Improve SOC Efficiency and Cut Business Costs
July 1, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
Emy Elsamnoudy
Emy Elsamnoudy
Let's Connect
156k
2.25m
285k

Related Posts

Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
CyberSecurity News

Top 10 High-Risk Vulnerabilities Of 2025 that Exploited in the Wild

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

PoC Exploit Released HPE OneView Vulnerability that Enables Remote Code Execution

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us