CVE-2016-1203

Improper file verification vulnerability in SaAT Netizen installer ver.1.2.0.424 and earlier, and SaAT Netizen ver.1.2.0.8 (Build427) and earlier allows a remote unauthenticated attacker to conduct a man-in-the-middle attack. A successful exploitation may result in a malicious file being downloaded and executed.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
jpcertCNA
---
---
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
VendorProductVersion
saatnetizen
𝑥
≤ 1.2.0.8
saatnetizen_installer
𝑥
≤ 1.2.0.424
𝑥
= Vulnerable software versions
References
https://jvn.jp/en/vu/JVNVU97339542/
https://web-support.saat.jp/hc/ja/articles/4406222933785
https://jvn.jp/en/vu/JVNVU97339542/
https://web-support.saat.jp/hc/ja/articles/4406222933785