CVE-2016-9892
ESET Endpoint Antivirus 6 Remote Code Execution
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint Security for macOS before 6.4.168.0 does not properly verify X.509 certificates from the edf.eset.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide crafted responses to license activation requests via a self-signed certificate. NOTE: this issue can be combined with CVE-2016-0718 to execute arbitrary code remotely as root.
El servicio esets_daemon en ESET Endpoint Antivirus para macOS en versiones anteriores a 6.4.168.0 y Endpoint Security para macOS en versiones anteriores a 6.4.168.0 no verifica adecuadamente certificados X.509 del servidor SSL edf.eset.com, lo que permite a atacantes man-in-the-middle suplantar este servidor y proporcionar respuestas manipuladas para las peticiones de activación de las licencias a través de un certificado autofirmado. NOTA: este problema puede combinarse con CVE-2016-0718 para ejecutar código arbitrario remotamente como root.
ESET Endpoint Antivirus 6 suffers from a remote code execution vulnerability.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-12-07 CVE Reserved
- 2017-02-27 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- 2024-09-14 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-295: Improper Certificate Validation
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/96462 | Third Party Advisory |
URL | Date | SRC |
---|---|---|
http://packetstormsecurity.com/files/141350/ESET-Endpoint-Antivirus-6-Remote-Code-Execution.html | 2024-08-06 | |
http://seclists.org/fulldisclosure/2017/Feb/68 | 2024-08-06 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://support.eset.com/ca6333 | 2017-03-16 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Eset Search vendor "Eset" | Endpoint Antivirus Search vendor "Eset" for product "Endpoint Antivirus" | 6.3.70.1 Search vendor "Eset" for product "Endpoint Antivirus" and version "6.3.70.1" | macos |
Affected
| ||||||
Eset Search vendor "Eset" | Endpoint Security Search vendor "Eset" for product "Endpoint Security" | 6.3.70.1 Search vendor "Eset" for product "Endpoint Security" and version "6.3.70.1" | macos |
Affected
|