ESET Fixes a High Severity Vulnerability in its Product – CVE-2023-5594

ESET has patched a high-severity vulnerability in its secure traffic scanning feature that could lead web browsers to trust websites using certificates signed with outdated and insecure algorithms.

The vulnerability, tracked as CVE-2023-5594 with a CVSS score of 7.5, resides in the SSL/TLS protocol scanning feature implemented in ESET products. It is caused by improper validation of the server’s certificate chain.

The advisory states: “An intermediate certificate signed using the MD5 or SHA1 algorithm was considered trusted, and thus the browser on a system with the ESET secure traffic scanning feature enabled could be caused to trust a site secured with such a certificate.”

The security firm released security patches for several products. ESET is not aware of attacks in the wild that exploited this flaw.

The list of affected products:

  • ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, ESET Security Ultimate
  • ESET Endpoint Antivirus for Windows and ESET Endpoint Security for Windows
  • ESET Endpoint Antivirus for Linux 10.0 and above
  • ESET Server Security for Windows Server
  • ESET Mail Security for Microsoft Exchange Server
  • ESET Mail Security for IBM Domino
  • ESET Security for Microsoft SharePoint Server
  • ESET File Security for Microsoft Azure
  • ESET Server Security for Linux 10.1 and above