CVE-2016-1203

Severity Score

8.1

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

Improper file verification vulnerability in SaAT Netizen installer ver.1.2.0.424 and earlier, and SaAT Netizen ver.1.2.0.8 (Build427) and earlier allows a remote unauthenticated attacker to conduct a man-in-the-middle attack. A successful exploitation may result in a malicious file being downloaded and executed.

Vulnerabilidad de verificación de archivos incorrecta en el instalador de SaAT Netizen versión 1.2.0.424 y anteriores, y SaAT Netizen versión 1.2.0.8 (Build427) y anteriores permite que un atacante remoto no autenticado lleve a cabo un ataque de intermediario. Una explotación exitosa puede resultar en la descarga y ejecución de un archivo malicioso.

*Credits: N/A

CVSS Scores

NISTv3.1 8.1

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2015-12-26 CVE Reserved
2023-10-31 CVE Published
2024-09-06 CVE Updated
2024-09-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (2)

URL	Tag	Source
https://jvn.jp/en/vu/JVNVU97339542	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://web-support.saat.jp/hc/ja/articles/4406222933785	2023-11-09

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Saat Search vendor "Saat"	Netizen Search vendor "Saat" for product "Netizen"	<= 1.2.0.8 Search vendor "Saat" for product "Netizen" and version " <= 1.2.0.8"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	-	-	Safe
Saat Search vendor "Saat"	Netizen Installer Search vendor "Saat" for product "Netizen Installer"	<= 1.2.0.424 Search vendor "Saat" for product "Netizen Installer" and version " <= 1.2.0.424"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	-	-	Safe