Medium severity5.9NVD Advisory· Published Mar 2, 2017· Updated May 13, 2026

CVE-2016-9892

Description

The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint Security for macOS before 6.4.168.0 does not properly verify X.509 certificates from the edf.eset.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide crafted responses to license activation requests via a self-signed certificate. NOTE: this issue can be combined with CVE-2016-0718 to execute arbitrary code remotely as root.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/141350/ESET-Endpoint-Antivirus-6-Remote-Code-Execution.htmlnvdExploitThird Party Advisory
seclists.org/fulldisclosure/2017/Feb/68nvdExploitMailing List
support.eset.com/ca6333/nvdVendor Advisory
www.securityfocus.com/bid/96462nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.384
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000