Vulnerability Details : CVE-2016-1203
Improper file verification vulnerability in SaAT Netizen installer ver.1.2.0.424 and earlier, and SaAT Netizen ver.1.2.0.8 (Build427) and earlier allows a remote unauthenticated attacker to conduct a man-in-the-middle attack. A successful exploitation may result in a malicious file being downloaded and executed.
Products affected by CVE-2016-1203
- cpe:2.3:a:saat:netizen:*:*:*:*:*:*:*:*
- cpe:2.3:a:saat:netizen_installer:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-1203
0.18%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 55 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-1203
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
8.1
|
HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.2
|
5.9
|
NIST |
References for CVE-2016-1203
-
https://jvn.jp/en/vu/JVNVU97339542/
JVNVU#97339542: SaAT Netizen fails to properly verify downloaded installation and update filesThird Party Advisory
-
https://web-support.saat.jp/hc/ja/articles/4406222933785
2016.04.26|ネチズン Windows版セキュリティアップデートのお知らせ – サート・サポートVendor Advisory
Jump to