How does CVE-2020-0601 (ChainOfFools/CurveBall) work to undermine ECC?

What is the recently patched and disclosed Windows 10 OS family Crypt.dll vulnerability CVE-2020-0601, nicknamed ChainOfFools and/or Curveball? I’ve read up on it and while I understand the basics (deriving an alternative private key from a public key through manipulating cryptographic algorithms so you can spoof a certificate), I don’t really understand the technical aspect and how it’s used to subvert ECC validation.

What’s the logic behind the exploit, how does it work technically to undermine Elliptic Curve cryptography, and what can be done with it?