Dell eDellRoot / DSDTestProvider Root CA Certificates Installed
Medium Nessus Plugin ID 87013
SynopsisThe remote Windows host is affected by a man-in-the-middle vulnerability.
DescriptionThe remote Windows host is affected by a man-in-the-middle (MitM) vulnerability due to the installation of a non-authorized root CA certificate into the Windows trusted system certificate store. The private keys for many of these root CAs are publicly known.
Furthermore, websites that use specially crafted self-signed certificates will be reported as trusted to the user. Individual Firefox and Thunderbird profiles may also contain the compromised root CA certificates.
A MitM attacker can exploit this vulnerability to read and/or modify communications encrypted via HTTPS without the user's knowledge.
SolutionUninstall the eDellRoot and DSDTestProvider root CA certificates per the vendor knowledge base article.