MEDIUM
Eset
CVE published 2017-03-02
CVE-2016-9892
CVE-2016-9892 is a medium-severity macOS issue in ESET Endpoint Antivirus and Endpoint Security that weakens TLS trust during license activation. The CVE record says the esets_daemon service did not properly verify the X.509 certificate for the edf.eset.com SSL server, which could let a man-in-the-middle attacker spoof the server with a self-signed certificate and send crafted activation responses. The CV [truncated]