Komodia SSL Digestor Root CA Certificate Installed (Superfish)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote Windows host is affected by a man-in-the-middle
vulnerability.

Description :

The remote Windows host has an application installed that uses the
Komodia SSL Digestor SDK (e.g. Superfish Visual Discovery and
KeepMyFamilySecure). It is, therefore, affected by an HTTPS
man-in-the-middle vulnerability because the SDK installs a non-unique
root CA certificate into the Windows trusted system certificate store.
The private keys for many of these root CAs are publicly known.
Furthermore, the SDK's certificate validation is insecurely
implemented, so websites presenting specially crafted self-signed
certificates are reported to the user as trusted. Individual Firefox
and Thunderbird profiles may also contain the compromised root CA
certificates.

A MitM attacker can exploit this vulnerability to read and/or modify
communications encrypted via HTTPS without the user's knowledge.

See also :

http://www.nessus.org/u?1658aef1
http://blog.erratasec.com/2015/02/extracting-superfish-certificate.html
http://www.nessus.org/u?235e60a1
https://gist.github.com/Wack0/17c56b77a90073be81d3
https://blog.filippo.io/komodia-superfish-ssl-validation-is-broken/
http://support.lenovo.com/us/en/product_security/superfish
http://support.lenovo.com/us/en/product_security/superfish_uninstall

Solution :

If Superfish is installed, uninstall the application and root CA
certificate using the instructions provided by Lenovo.

Otherwise, contact the vendor for information on how to uninstall the
application and the bundled root CA certificate.
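A defender's check for the condition described above, as an added example that is not part of the Tenable plugin: it lists certificates in the Windows trusted root stores whose subject or issuer matches Komodia-based products and, as a separate dry-run step, shows how they would be removed. The "Superfish" pattern comes from the plugin text; the other patterns and the store list are assumptions to adjust per environment.

```powershell
# Added example, not Tenable's plugin code. Checks the machine and user
# trusted root stores for Komodia-style root CAs and dry-runs their removal.
# Assumed patterns: "Superfish" is named on the page; "Komodia" and
# "KeepMyFamilySecure" are assumptions and can be extended as needed.
$SuspectPatterns = @('*Superfish*', '*Komodia*', '*KeepMyFamilySecure*')
$RootStores      = @('Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root')

function Find-KomodiaRootCert {
    foreach ($store in $RootStores) {
        Get-ChildItem -Path $store |
            Where-Object {
                $cert = $_
                # A root CA is self-signed (Subject equals Issuer); match either field.
                @($SuspectPatterns | Where-Object {
                    $cert.Subject -like $_ -or $cert.Issuer -like $_
                }).Count -gt 0
            } |
            ForEach-Object {
                [PSCustomObject]@{
                    Store      = $store
                    Subject    = $_.Subject
                    Thumbprint = $_.Thumbprint
                    NotAfter   = $_.NotAfter
                    # A trusted root whose private key is resident on the host
                    # is exactly the condition the advisory warns about.
                    HasPrivKey = $_.HasPrivateKey
                }
            }
    }
}

$found = @(Find-KomodiaRootCert)
if ($found.Count -eq 0) {
    Write-Output 'No Komodia/Superfish root CA certificates found in the trusted root stores.'
} else {
    $found | Format-Table -AutoSize
    # Removal is a separate, explicit step: drop -WhatIf to actually delete,
    # and run elevated for the LocalMachine store. Firefox and Thunderbird
    # keep their own certificate database per profile and are not covered here.
    foreach ($c in $found) {
        Remove-Item -Path (Join-Path $c.Store $c.Thumbprint) -WhatIf
    }
}
```

Removing the certificate does not uninstall the application that installed it; the application must still be removed so it cannot reinstall the root CA.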

Risk factor :

Medium / CVSS Base Score : 6.4
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)
CVSS Temporal Score : 6.4
(CVSS2#E:ND/RL:U/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 81425

Bugtraq ID: 72693

CVE ID: CVE-2015-2077, CVE-2015-2078
