QwikSec

Security Database

CVE

CWE

Training

CVE-2016-9892

Published: Mar 2, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint Security for macOS before 6.4.168.0 does not properly verify X.509 certificates from the edf.eset.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide crafted responses to license activation requests via a self-signed certificate. NOTE: this issue can be combined with CVE-2016-0718 to execute arbitrary code remotely as root.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://support.eset.com/ca6333/

x_refsource_CONFIRM

20170227 CVE-2016-9892 - Remote Code Execution as Root via ESET Endpoint Antivirus 6

mailing-list

x_refsource_FULLDISC

vdb-entry

x_refsource_BID

http://packetstormsecurity.com/files/141350/ESET-Endpoint-Antivirus-6-Remote-Code-Execution.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.