Komodia SSL Digestor Root CA Certificate Installed (Superfish)
Severity: Medium | Nessus Plugin ID: 81425
The remote Windows host is affected by a man-in-the-middle vulnerability.
The remote Windows host has an application installed that uses the Komodia SSL Digestor SDK (e.g. Superfish Visual Discovery and KeepMyFamilySecure). It is, therefore, affected by an HTTPS man-in-the-middle vulnerability due to the installation of a non-unique root CA certificate associated with the SDK into the Windows trusted system certificate store. The private keys for many of these root CAs are publicly known. Furthermore, the SDK is insecurely implemented and websites that use specially crafted self-signed certificates will be reported as trusted to the user. Individual Firefox and Thunderbird profiles may also contain the compromised root CA certificates. A MitM attacker can exploit this vulnerability to read and/or modify communications encrypted via HTTPS without the user's knowledge.
If Superfish is installed, uninstall the application and root CA certificate using the instructions provided by Lenovo. Otherwise, contact the vendor for information on how to uninstall the application and the bundled root CA certificate.
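The following PowerShell check is an added example, not part of the Nessus plugin or of Lenovo's removal instructions. It enumerates the machine and user trusted root stores for certificates whose subject contains the vendor names this plugin mentions (the "Superfish|Komodia" match pattern is an assumption; adjust it to the certificate actually found on the host) and, with the -Remove switch, deletes each match after confirmation.

```powershell
# Added example: find (and optionally remove) Komodia/Superfish root CA
# certificates from the Windows trusted root stores.
# Assumption: the certificate's Subject contains "Superfish" or "Komodia".
param([switch]$Remove)

$pattern = 'Superfish|Komodia'                                   # assumed subject match
$stores  = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'   # system and per-user roots

# Collect every trusted root whose subject matches the pattern.
$findings = foreach ($store in $stores) {
    Get-ChildItem -Path $store -ErrorAction SilentlyContinue |
        Where-Object { $_.Subject -match $pattern } |
        Select-Object @{ n = 'Store'; e = { $store } }, Subject, Thumbprint, NotAfter
}

if (-not $findings) {
    Write-Output 'No matching root certificates found in the Windows root stores.'
    return
}

$findings | Format-Table -AutoSize

if ($Remove) {
    foreach ($f in $findings) {
        # Removing from Cert:\LocalMachine\Root requires an elevated shell.
        Remove-Item -Path (Join-Path $f.Store $f.Thumbprint) -Confirm
    }
}
```

Run it without -Remove first to review what matched. Removing the certificate alone does not remove the application that installed it; uninstall the software as the solution above describes, or it may re-add the root. Firefox and Thunderbird keep their own NSS certificate databases inside each profile, so this script does not cover the profile-level copies the description mentions; those must be checked and removed from within each application's certificate manager.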