CVE-2016-9892

Published: Mar 2, 2017Modified: May 13, 2026

5.9

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 2.2 / Impact: 3.6

Source: NVD

Description

The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint Security for macOS before 6.4.168.0 does not properly verify X.509 certificates from the edf.eset.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide crafted responses to license activation requests via a self-signed certificate. NOTE: this issue can be combined with CVE-2016-0718 to execute arbitrary code remotely as root.

Affected (2)

Products: Eset: Endpoint Antivirus, Endpoint Security

2 products

Endpoint Antivirus

Endpoint Security

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Eset Endpoint Antivirus	Version 6.3.70.1
Eset Endpoint Security	Version 6.3.70.1

Related CWEs

Improper Certificate Validation

The product does not validate, or incorrectly validates, a certificate.

References (8)

http://packetstormsecurity.com/files/141350/ESET-Endpoint-Antivirus-6-Remote-Code-Execution.html

Source: cve@mitre.org

ExploitThird Party Advisory

http://seclists.org/fulldisclosure/2017/Feb/68

Source: cve@mitre.org

ExploitMailing List

http://support.eset.com/ca6333/

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/96462

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/141350/ESET-Endpoint-Antivirus-6-Remote-Code-Execution.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

http://seclists.org/fulldisclosure/2017/Feb/68

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitMailing List

http://support.eset.com/ca6333/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/96462

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.