CVE-2016-1203

2023-10-3112:38:05

jpcert

www.cve.org

cve-2016-1203

file verification

saat netizen

man-in-the-middle

exploitation

malicious file

AI Score

Confidence

High

EPSS

0.001

Percentile

50.9%

JSON

Improper file verification vulnerability in SaAT Netizen installer ver.1.2.0.424 and earlier, and SaAT Netizen ver.1.2.0.8 (Build427) and earlier allows a remote unauthenticated attacker to conduct a man-in-the-middle attack. A successful exploitation may result in a malicious file being downloaded and executed.

CNA Affected

[
  {
    "vendor": "NetMove Corporation",
    "product": "SaAT Netizen installer",
    "versions": [
      {
        "version": "ver.1.2.0.424 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "NetMove Corporation",
    "product": "SaAT Netizen",
    "versions": [
      {
        "version": "ver.1.2.0.8 (Build427) and earlier",
        "status": "affected"
      }
    ]
  }
]

References

jvn.jp/en/vu/JVNVU97339542/

web-support.saat.jp/hc/ja/articles/4406222933785