CVE-2023-43870

Name of the Vulnerable Software and Affected Versions Net2 (affected versions not specified)

Description A potential issue arises when installing the Net2 software, as a root certificate is installed into the trusted store. A hacker could access the installer batch file or reverse engineer the source code to gain access to the root certificate password. Using the root certificate and password, they could create their own certificates to emulate another site. By establishing a proxy service to emulate the site, they could monitor traffic passed between the end user and the site, allowing access to the data content. Approximately 669 systems are potentially affected, mainly distributed in the United Kingdom and the United States.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.