5.9

CVE-2016-9892

Exploit

EPSS 0.2%
Published 02.03.2017 23:59:00
Last modified 20.04.2025 01:37:25
Source cve@mitre.org
Teams watchlist Login
Open Login

The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint Security for macOS before 6.4.168.0 does not properly verify X.509 certificates from the edf.eset.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide crafted responses to license activation requests via a self-signed certificate.  NOTE: this issue can be combined with CVE-2016-0718 to execute arbitrary code remotely as root.

Affected products Warnungen 0 Metrics 3 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

Eset ≫ Endpoint Antivirus Version6.3.70.1 SwPlatformmacos

Eset ≫ Endpoint Security Version6.3.70.1 SwPlatformmacos

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.2%	0.422

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-295 Improper Certificate Validation

The product does not validate, or incorrectly validates, a certificate.

http://packetstormsecurity.com/files/141350/ESET-Endpoint-Antivirus-6-Remote-Code-Execution.html

Third Party Advisory

Exploit

http://seclists.org/fulldisclosure/2017/Feb/68

Exploit

Mailing List

http://support.eset.com/ca6333/

Vendor Advisory

http://www.securityfocus.com/bid/96462

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2016-9892

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-9892

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-9892

EUVD