Client certificate

If a client certificate is leaked or compromised, an attacker can use it to impersonate the legitimate client in client certificate authentication scenarios. This has several serious implications:

• The attacker can establish trusted connections with servers that accept the leaked certificate, bypassing mutual TLS (mTLS) authentication
• They can access protected resources and services that rely on client certificate authentication
• Since the certificate is a trusted credential, the malicious activities may go undetected as they appear to come from a legitimate source

This is particularly dangerous in enterprise environments where client certificates are used to secure internal services, API endpoints, or microservices communications. The attacker could potentially move laterally through the network while appearing as a trusted entity.