#VU84650 Improper Certificate Validation in Eset products - CVE-2023-5594
Published: December 21, 2023
Vulnerability identifier: #VU84650
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2023-5594
CWE-ID: CWE-295
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
NOD32
ESET Internet Security
ESET Smart Security Premium
ESET Endpoint Antivirus for Windows
ESET Endpoint Security for Windows
ESET Security Ultimate
ESET Endpoint Antivirus for Linux
ESET File Security for Microsoft Azure
ESET Server Security for Linux
ESET Server Security for Microsoft Windows Server
ESET Mail Security for Microsoft Exchange Server
ESET Mail Security for IBM Domino
ESET Security for Microsoft SharePoint Server
NOD32
ESET Internet Security
ESET Smart Security Premium
ESET Endpoint Antivirus for Windows
ESET Endpoint Security for Windows
ESET Security Ultimate
ESET Endpoint Antivirus for Linux
ESET File Security for Microsoft Azure
ESET Server Security for Linux
ESET Server Security for Microsoft Windows Server
ESET Mail Security for Microsoft Exchange Server
ESET Mail Security for IBM Domino
ESET Security for Microsoft SharePoint Server
Software vendor:
Eset
Eset
Description
The vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to improper validation of the server’s certificate chain in the SSL/TLS protocol scanning feature. An intermediate certificate signed using the MD5 or SHA1 algorithm was considered trusted, and thus the browser on a system with the ESET secure traffic scanning feature enabled could be caused to trust a site secured with such a certificate.
Remediation
Install updates from vendor's website.