ESET has fixed a security flaw in its secure traffic scanning feature that could have led web browsers to trust web pages whose certificates were signed with outdated, insecure algorithms. The company rated the issue as “high severity.” The vulnerability (CVE-2023-5594, CVSS score: 7.5) was identified in the SSL/TLS protocol scanning function of numerous products in ESET’s catalog:

 · ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, and ESET Security Ultimate.

 · ESET Endpoint Antivirus for Windows and ESET Endpoint Security for Windows.

 · ESET Endpoint Antivirus for Linux 10.0 and higher.

 · ESET Server Security for Windows Server (File Security for Microsoft Windows Server), ESET Mail Security for Microsoft Exchange Server, ESET Mail Security for IBM Domino, ESET Security for Microsoft SharePoint Server, and ESET File Security for Microsoft Azure.

 · ESET Server Security for Linux 10.1 and higher.

The vulnerability arose from the “incorrect validation of the server certificate chain,” according to ESET. Essentially, an intermediate certificate signed using the MD5 or SHA1 algorithm was mistakenly considered trusted. Consequently, on a system with the ESET Secure Traffic Scanning feature enabled, a browser could trust a site protected by such a certificate.
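The check that a chain validator must perform, as an added example that is not ESET's code: every leaf and intermediate certificate's signature algorithm is read from the DER structure and any MD5- or SHA-1-based algorithm is flagged. The toy certificates, the `toy_cert` helper and the minimal DER routines are constructed for this example so that it runs offline; a real DER chain would be parsed the same way.

```python
# Added example, not ESET's code: refuse to trust any leaf or intermediate
# certificate whose signature uses an MD5 or SHA-1 digest (CVE-2023-5594).
WEAK_SIG_OIDS = {            # signature algorithms built on weak digests
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.10045.4.1": "ecdsa-with-SHA1",
}
# DER content octets of md5/sha1/sha256WithRSAEncryption, for the toy certs
OID_MD5_RSA, OID_SHA1_RSA, OID_SHA256_RSA = (
    bytes.fromhex("2a864886f70d0101" + x) for x in ("04", "05", "0b"))
def tlv(tag, body):          # DER TLV encoder; lengths < 65536 suffice here
    ln = len(body)
    hdr = bytes([ln]) if ln < 128 else b"\x82" + ln.to_bytes(2, "big")
    return bytes([tag]) + hdr + body

def read_tlv(buf, pos):      # -> (tag, body, offset just past this TLV)
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:            # long-form length
        n = ln & 0x7F
        ln, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + ln], pos + ln

def decode_oid(body):        # OID content octets -> dotted string
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:     # last base-128 digit of this arc
            arcs.append(val); val = 0
    return ".".join(map(str, arcs))

def signature_algorithm(cert_der):
    """Dotted OID from the outer signatureAlgorithm of a DER Certificate."""
    _, cert, _ = read_tlv(cert_der, 0)       # Certificate ::= SEQUENCE
    _, _, pos = read_tlv(cert, 0)            # skip tbsCertificate
    _, alg_id, _ = read_tlv(cert, pos)       # AlgorithmIdentifier ::= SEQUENCE
    tag, oid, _ = read_tlv(alg_id, 0)
    assert tag == 0x06, "signatureAlgorithm must start with an OID"
    return decode_oid(oid)

def weak_signatures(chain_der):
    """[(index, name)] for chain members signed with a weak digest; index 0 is
    the leaf. Pass the chain without the root: a trust anchor's self-signature
    is never verified, so its digest does not matter."""
    return [(i, WEAK_SIG_OIDS[a]) for i, c in enumerate(chain_der)
            if (a := signature_algorithm(c)) in WEAK_SIG_OIDS]

def toy_cert(sig_oid_body, serial):
    """Constructed certificate stand-in carrying the given signature algorithm."""
    tbs = tlv(0x30, tlv(0x02, bytes([serial])))
    alg = tlv(0x30, tlv(0x06, sig_oid_body) + b"\x05\x00")
    return tlv(0x30, tbs + alg + tlv(0x03, b"\x00" + b"\xab" * 64))
```

A chain that returns a non-empty list from `weak_signatures` must be rejected, which is exactly the decision the flawed scanner got wrong for SHA-1 and MD5 intermediates.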

ESET states that there is no evidence of this vulnerability being exploited. The fix has been released in Internet protection module 1464, which is distributed through automatic product updates, so no user interaction is needed to apply it.
