5.9

CVE-2016-9892

Exploit

EPSS 0.2%
Veröffentlicht 02.03.2017 23:59:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint Security for macOS before 6.4.168.0 does not properly verify X.509 certificates from the edf.eset.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide crafted responses to license activation requests via a self-signed certificate.  NOTE: this issue can be combined with CVE-2016-0718 to execute arbitrary code remotely as root.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Eset ≫ Endpoint Antivirus Version6.3.70.1 SwPlatformmacos

Eset ≫ Endpoint Security Version6.3.70.1 SwPlatformmacos

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.2%	0.422

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-295 Improper Certificate Validation

The product does not validate, or incorrectly validates, a certificate.

http://packetstormsecurity.com/files/141350/ESET-Endpoint-Antivirus-6-Remote-Code-Execution.html

Third Party Advisory

Exploit

http://seclists.org/fulldisclosure/2017/Feb/68

Exploit

Mailing List

http://support.eset.com/ca6333/

Vendor Advisory

http://www.securityfocus.com/bid/96462

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2016-9892

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-9892

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-9892

EUVD